Designing a distributed access control processor for network services on the Web

Authors:
Reiner Kraft
Affiliations:
IBM Almaden Research Center, San Jose, CA
Venue:
Proceedings of the 2002 ACM workshop on XML security
Year:
2002

Citing 9
Cited 7

Role-Based Access Control Models

Computer
Weaving a Web of trust

World Wide Web Journal - Special issue: Web security: a matter of trust
Service Combinators for Web Computing

IEEE Transactions on Software Engineering
Design and implementation of an access control processor for XML documents

Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
XML document security based on provisional authorization

Proceedings of the 7th ACM conference on Computer and communications security
Fine grained access control for SOAP E-services

Proceedings of the 10th international conference on World Wide Web
Security Engineering: A Guide to Building Dependable Distributed Systems

Security Engineering: A Guide to Building Dependable Distributed Systems
IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks

IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
Analysis of the SSL 3.0 protocol

WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2

Service domains

IBM Systems Journal
Declaration and enforcement of fine-grained access restrictions for a service-based geospatial data infrastructure

Proceedings of the tenth ACM symposium on Access control models and technologies
A fuzzy outranking approach in risk analysis of web service security

Cluster Computing
On the design, implementation and application of an authorisation architecture for web services

International Journal of Information and Computer Security
Temporal authorizations scheme for XML document

DNCOCO'06 Proceedings of the 5th WSEAS international conference on Data networks, communications and computers
An authorization architecture for web services

DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Supporting Secure Information Flow: An Engineering Approach

International Journal of e-Collaboration

Quantified Score

Hi-index	0.00

Visualization

Abstract

The service oriented architecture (SOA) is gaining more momentum with the advent of network services on the Web. A programmable and machine accessible Web is the vision of many,and might represent a step towards the semantic Web. However, security is a crucial requirement for the serious usage and adoption of the Web services technology. This paper enumerates design goals for an access control model for Web services. It then introduces an abstract general model for Web services components, along with formal definitions and notation that can be used as a basis to design an access control processor independent of a particular Web service implementation. It follows the design of a distributed access control processor built upon this general model for Web services, along with implementation guidelines and examples. Main goals for a general authorization framework are identified, and design spaces enumerated.