Role-Based Access Control Models
Computer
Computational Issues in Secure Interoperation
IEEE Transactions on Software Engineering
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Cross-organisational workflow management and co-ordination: WACC'99 workshop report
ACM SIGGROUP Bulletin
Providing Security and Interoperation of HeterogeneousSystems
Distributed and Parallel Databases - Security of data and transaction processing
Merging heterogenous security orderings
Journal of Computer Security
Authorization specification and enforcement in federated database systems
Journal of Computer Security
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
A Chinese wall security model for decentralized workflow systems
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
An Approach for Building Secure Database Federations
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Security Issues in Federated Database Systems: Panel Contributions
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Web Implementation of a Securtty Mediator for Medical Databases
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Virtual Enterprises and Federated Information Sharing
DEXA '98 Proceedings of the 9th International Conference on Database and Expert Systems Applications
Role-Based Access Control
The Complexity and Composability of Secure Interoperation
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
On permissions, inheritance and role hierarchies
Proceedings of the 10th ACM conference on Computer and communications security
Composing Web services on the Semantic Web
The VLDB Journal — The International Journal on Very Large Data Bases
Web services on demand: WSLA-driven automated management
IBM Systems Journal
On mutually-exclusive roles and separation of duty
Proceedings of the 11th ACM conference on Computer and communications security
IT-enabled sense-and-respond strategies in complex public organizations
Communications of the ACM - Adaptive complex enterprises
SERAT: SEcure role mApping technique for decentralized secure interoperability
Proceedings of the tenth ACM symposium on Access control models and technologies
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Secure collaboration in mediator-free environments
Proceedings of the 12th ACM conference on Computer and communications security
Management of the service-oriented-architecture life cycle
IBM Systems Journal
The enterprise service bus: making service-oriented architecture real
IBM Systems Journal
Authorization control in collaborative healthcare systems
Journal of Theoretical and Applied Electronic Commerce Research
RAR: A role-and-risk based flexible framework for secure collaboration
Future Generation Computer Systems
Authorization in cross-border eHealth systems
Information Systems Frontiers
Capacity-Driven Web Services: Concepts, Definitions, Issues, and Solutions
International Journal of Systems and Service-Oriented Engineering
| Hi-index | 0.00 |
Multidomain application environments where distributed domains interoperate with each other is a reality in Web-services-based infrastructures. Collaboration enables domains to effectively share resources; however, it introduces several security and privacy challenges. In this article, we use the current web service standards such as SOAP and UDDI to enable secure interoperability in a service-oriented mediator-free environment. We propose a multihop SOAP messaging protocol that enables domains to discover secure access paths to access roles in different domains. Then we propose a path authentication mechanism based on the encapsulation of SOAP messages and the SOAP-DISG standard. Furthermore, we provide a service discovery protocol that enables domains to discover service descriptions stored in private UDDI registries.