An attribute and role based access control model for Web services

Based on the analysis of the access control requirements for Web services, this paper points out the limitation of current access control models for Web services, and presents an attribute and role based access control model for Web services. The model automatically produces the role set, accomplishes the mapping among users, permissions and roles, and unifies the access control for Web services and data resources involved.

[1]  Zahir Tari,et al.  A role based access control for Web services , 2004, IEEE International Conference onServices Computing, 2004. (SCC 2004). Proceedings. 2004.

[2]  Elisa Bertino,et al.  A trust-based context-aware access control model for Web-services , 2004 .

[3]  Vijay Varadharajan,et al.  Issues in the Design of a Language for Role Based Access Control , 1999, ICICS.

[4]  Xie Jun,et al.  Context-Aware Role-Based Access Control Model for Web Services , 2004 .

[5]  Vijay Varadharajan,et al.  Authorization service for Web services and its implementation , 2004 .

[6]  Ke Wang,et al.  An access control language for web services , 2002, SACMAT '02.

[7]  Vijay Varadharajan,et al.  An Analysis of Access Control Models , 1999, ACISP.

[8]  Elisa Bertino,et al.  Access Control in Dynamic XML-Based Web-Services with X-RBAC , 2003, ICWS.

[9]  Jan H. P. Eloff,et al.  Virtual enterprise access control requirements , 2003 .

[10]  Elisa Bertino,et al.  A fine-grained access control model for Web services , 2004, IEEE International Conference onServices Computing, 2004. (SCC 2004). Proceedings. 2004.

[11]  Jan H. P. Eloff,et al.  Towards Web Service access control , 2004, Comput. Secur..

[12]  Sudhir Agarwal,et al.  Access control for semantic Web services , 2004, Proceedings. IEEE International Conference on Web Services, 2004..