Role-Based Access Control Models
Computer
World Wide Web Journal - Special issue: Web security: a matter of trust
Service Combinators for Web Computing
IEEE Transactions on Software Engineering
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Fine grained access control for SOAP E-services
Proceedings of the 10th international conference on World Wide Web
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
IBM Systems Journal
Proceedings of the tenth ACM symposium on Access control models and technologies
A fuzzy outranking approach in risk analysis of web service security
Cluster Computing
On the design, implementation and application of an authorisation architecture for web services
International Journal of Information and Computer Security
Temporal authorizations scheme for XML document
DNCOCO'06 Proceedings of the 5th WSEAS international conference on Data networks, communications and computers
An authorization architecture for web services
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Supporting Secure Information Flow: An Engineering Approach
International Journal of e-Collaboration
Hi-index | 0.00 |
The service oriented architecture (SOA) is gaining more momentum with the advent of network services on the Web. A programmable and machine accessible Web is the vision of many,and might represent a step towards the semantic Web. However, security is a crucial requirement for the serious usage and adoption of the Web services technology. This paper enumerates design goals for an access control model for Web services. It then introduces an abstract general model for Web services components, along with formal definitions and notation that can be used as a basis to design an access control processor independent of a particular Web service implementation. It follows the design of a distributed access control processor built upon this general model for Web services, along with implementation guidelines and examples. Main goals for a general authorization framework are identified, and design spaces enumerated.