Mediation of Trust across Web Services
ICWS '05 Proceedings of the IEEE International Conference on Web Services
An Attribute-Based Access Control Model for Web Services
PDCAT '06 Proceedings of the Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies
| Hi-index | 0.00 |
The unified management of user rights and access control policies in a corporation with many units is not easy to implement. Moreover, most of the distributed access control systems are complex and heterogeneous, making it hard to maintain a unified control over all fine grained policies employed by each unit. This paper proposes a unified administration of policies for corporation environments by applying a management scheme based on authorization certificates. These certificates allow the derivation of new fine grained policies in the domain of each unit, assuring that no corporation policies will be violated. These new policies update automatically the corporation repository, preserving the unified management of user rights, and then update the corresponding policy repository of each unit. Our proposal provides a real loosely coupled policy management scheme using a serverless public key infrastructure and the Web Services technology. The prototype shows the proposal viability.