Multi-Policy Collaborative Access Control Model for Composite Services

Service composition has become the main style of cross-domain business collaboration environments, and security issues prohibit the widespread use of composite services. Based on attribute, this paper presents a multiple policies collaborative access control model which combines the attribute policies of composite service, component services and user domain. This model can provide fine-grained access control for service composition and support collaborative authorization based on business attributes in business collaboration environments while keeping the standalone of component service access control. The analysis result shows that this model not only satisfies the access control requirements of business process in composite service, but also provides fine-grained access control for component services.

[1]  K.I. Kim,et al.  A Collaborative Access Control Based on XACML in Pervasive Environments , 2008, 2008 International Conference on Convergence and Hybrid Information Technology.

[2]  Mudhakar Srivatsa,et al.  An Access Control System for Web Service Compositions , 2007, IEEE International Conference on Web Services (ICWS 2007).

[3]  Jian Yang,et al.  BPEL4RBAC: An Authorisation Specification for WS-BPEL , 2008, WISE.

[4]  Vijayalakshmi Atluri,et al.  Efficient security policy enforcement for the mobile environment , 2008, J. Comput. Secur..

[5]  Sunita Tiwari,et al.  Survey of potential attacks on web services and web service compositions , 2011, 2011 3rd International Conference on Electronics Computer Technology.

[6]  Barbara Carminati,et al.  Security Conscious Web Service Composition , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[7]  Zahir Tari,et al.  A role based access control for Web services , 2004, IEEE International Conference onServices Computing, 2004. (SCC 2004). Proceedings. 2004.

[8]  Miroslaw Malek,et al.  Current solutions for Web service composition , 2004, IEEE Internet Computing.

[9]  Yu Zhou,et al.  Access Control on the Composition of Web Services , 2006, International Conference on Next Generation Web Services Practices.

[10]  Partha Pratim Pal A framework for isolating connection expection management , 2000, CSUR.

[11]  Elisa Bertino,et al.  Access Control and Authorization Constraints for WS-BPEL , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[12]  James B. D. Joshi,et al.  Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy , 2006, SACMAT '06.

[13]  Mark Strembeck,et al.  An integrated approach for identity and access management in a SOA context , 2011, SACMAT '11.

[14]  Mira Mezini,et al.  Using aspects for security engineering of Web service compositions , 2005, IEEE International Conference on Web Services (ICWS'05).

[15]  Hui Li,et al.  A United Access Control Model for Systems in Collaborative Commerce , 2009, J. Networks.

[16]  Seng-Phil Hong,et al.  Access control in collaborative systems , 2005, CSUR.

[17]  Hairong Yu,et al.  A service-oriented architecture for financial business processes , 2007, Inf. Syst. E Bus. Manag..

[18]  Richard O. Sinnott,et al.  A review of grid authentication and authorization technologies and support for federated access control , 2011, CSUR.

[19]  Elisa Bertino,et al.  An Access-Control Framework for WS-BPEL , 2008, Int. J. Web Serv. Res..

[20]  Peng Liu,et al.  An Access Control Model for Web Services in Business Process , 2004, IEEE/WIC/ACM International Conference on Web Intelligence (WI'04).

[21]  Dong Huang Semantic Policy-based Security Framework for Business Processes , 2005 .