Role-Based Access Control Models
Computer
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Towards the Integration of Web Services Security on Enterprise Environments
SAINT-W '02 Proceedings of the 2002 Symposium on Applications and the Internet (SAINT) Workshops
Web Service Authorization Framework
ICWS '04 Proceedings of the IEEE International Conference on Web Services
A closer look to the V-model approach for role engineering
WSEAS Transactions on Computers
| Hi-index | 0.00 |
According to the advantage of platform independent, loose coupling and opening, Web Services application infrastructure becomes preferred solution to enterprise information sharing and enterprise application integration. New business applications can be dynamically assembled from a variety of Web Services. However, it also presents challenges in terms of security and management. Large-scale interconnection of systems and services, decentralized administration, and rapidly changing service compositions require a flexible access control model that is adapted to these challenges. In this paper, we focus on access control of Web Services based on its security requirements. We propose model and mechanism for specifying and enforcing role-based authorization models for Web Services. We also develop a prototype application to demonstrate the practical feasibility of this technology.