Towards usage control models: beyond traditional access control
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
Session Authentication Protocol for Web Services
SAINT-W '02 Proceedings of the 2002 Symposium on Applications and the Internet (SAINT) Workshops
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
PKI-Based Security for Peer-to-Peer Information Sharing
P2P '04 Proceedings of the Fourth International Conference on Peer-to-Peer Computing
A Web Service Authentication Control System Based on SRP and SAML
ICWS '05 Proceedings of the IEEE International Conference on Web Services
A Security Model Design in Web Service Environment
CIT '05 Proceedings of the The Fifth International Conference on Computer and Information Technology
ACXESS - Access Control for XML with Enhanced Security Specifications
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Developing enterprise web services: an architect's guide
Developing enterprise web services: an architect's guide
Survey: Usage control in computer security: A survey
Computer Science Review
Hi-index | 0.00 |
With the worldwide dissemination of Internet, Web Service has become a promising paradigm of ubiquitous computing. However, one major stumbling block of using Web Service in ubiquitous environment is the lack of security enforcement. In this paper, we introduce a systematic approach to enhance Web Service with the access control, user authentication, and session management. Delegation of access right among distributed security manager has been added to the Usage Control model and formal description of access control model is defined. A set of Web service operations is devised for procedural implementation of the security model. Using the proposed operations we show how SSO (Single Sign On) can be realized in ubiquitous computing environments.