With organizations increasingly depending on Web services to build complex applications, security and privacy concerns including the protection of access control policies are becoming a serious issue. Ideally, service providers would like to make sure that clients have knowledge of only portions of the access control policy relevant to their interactions to the extent to which they are entrusted by the Web service and without restricting the client’s choices in terms of which operations to execute. We propose ACConv, a novel model for access control in Web services that is suitable when interactions between the client and the Web service are conversational and long-running. The conversation-based access control model proposed in this article allows service providers to limit how much knowledge clients have about the credentials specified in their access policies. This is achieved while reducing the number of times credentials are asked from clients and minimizing the risk that clients drop out of a conversation with the Web service before reaching a final state due to the lack of necessary credentials. Clients are requested to provide credentials, and hence are entrusted with part of the Web service access control policies, only for some specific granted conversations which are decided based on: (1) a level of trust that the Web service provider has vis-à-vis the client, (2) the operation that the client is about to invoke, and (3) meaningful conversations which represent conversations that lead to a final state from the current one. We have implemented the proposed approach in a software prototype and conducted extensive experiments to show its effectiveness.
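The sketch below is an added illustration of the selection step the abstract describes, not code from the article or its prototype. It assumes the trust level is expressed as a maximum conversation length, and the service, its operations and the credential names are all constructed for the example.

```python
# Constructed sample service (not from the article).
TRANSITIONS = {            # state -> {operation: next state}
    "start":    {"search": "browsing"},
    "browsing": {"search": "browsing", "select": "selected", "quit": "end"},
    "selected": {"book": "booked", "quit": "end"},
    "booked":   {"pay": "end"},
}
FINAL = {"end"}
POLICY = {                 # operation -> credentials its access policy requires
    "search": set(), "quit": set(),
    "select": {"member_card"},
    "book": {"member_card", "id_document"},
    "pay": {"credit_card"},
}

def meaningful_conversations(state, first_op, max_len):
    """Operation sequences that start with first_op in `state` and reach a
    final state within max_len operations (the bound also stops cycles)."""
    found = []

    def walk(cur, path):
        if cur in FINAL:
            found.append(tuple(path))
            return
        if len(path) == max_len:
            return  # bound reached without a final state: not granted
        for op, nxt in sorted(TRANSITIONS.get(cur, {}).items()):
            walk(nxt, path + [op])

    if first_op in TRANSITIONS.get(state, {}):
        walk(TRANSITIONS[state][first_op], [first_op])
    return found

def credentials_to_request(state, first_op, trust_len, already_held=frozenset()):
    """Return (granted conversations, credentials to ask for now).
    Only policies on granted conversations are disclosed to the client;
    credentials the client has already provided are not requested again."""
    granted = meaningful_conversations(state, first_op, trust_len)
    needed = set()
    for conv in granted:
        for op in conv:
            needed |= POLICY[op]
    return granted, needed - set(already_held)
```

With a bound of 2 the client invoking `select` learns only that `member_card` is required; with a bound of 3 the provider asks once for everything needed to reach payment, so the client is not stopped mid-conversation for a missing credential.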