Role-Based Access Control Models
Computer
An access control language for web services
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Security Policy Reconciliation in Distributed Computing Environments
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
A Trust-based Context-Aware Access Control Model for Web-Services
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Web Service Authorization Framework
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Authorization and Privacy for Semantic Web Services
IEEE Intelligent Systems
Security Conscious Web Service Composition
ICWS '06 Proceedings of the IEEE International Conference on Web Services
Pellet: A practical OWL-DL reasoner
Web Semantics: Science, Services and Agents on the World Wide Web
Using Description Logic and Rules to Determine XML Access Control
DEXA '07 Proceedings of the 18th International Conference on Database and Expert Systems Applications
UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
POLICY '08 Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks
Description Logic Framework for Access Control and Security in Object-Oriented Systems
RSFDGrC '07 Proceedings of the 11th International Conference on Rough Sets, Fuzzy Sets, Data Mining and Granular Computing
Representation and reasoning on RBAC: a description logic approach
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services
Authorization control in collaborative healthcare systems
Journal of Theoretical and Applied Electronic Commerce Research
Authorization in cross-border eHealth systems
Information Systems Frontiers
Rule-Based Security Capabilities Matching for Web Services
Wireless Personal Communications: An International Journal
Hi-index | 0.00 |
Access control has been studied for sometime, and there are a number of theories and techniques for handling access control for single or centralised systems; however, unique and challenging security issues concerning collaboration in the context of service oriented computing (SOC) have arisen due to the dynamic and loosely coupled nature of the environment in which these collaborations are conducted. Individual organisations usually define their access control policies independently. When a collaboration opportunity arrives, a number of problems arise, such as: determining if the collaboration is possible given the access control policies, defining the policy for the collaboration and deciding under what conditions a service is allowed to be forwarded to other parties. Furthermore, different types of collaboration, in terms of the way collaboration is carried out, require different access control support. In this paper, we propose a model encoded in description logic to capture all the necessary elements for specifying access control policy for collaboration. Based on the model, various inconsistencies between access policies from different business units are identified. The paper also shows how a description logic reasoner can be used to prove that two policies are suitable, or not suitable, for collaboration. The policy model and policies are encoded in a SROIQ knowledge base. Although access control policies focus on a single system or a single business party's requirements, the method presented in this paper allows a logical analysis of the suitability of potential collaboration partners. We believe this work is laying a foundation for access policy development, negotiation and enforcement for cross-organization collaborations.