A Web Service Architecture for Enforcing Access Control Policies

Cited by: 17
Authors
Ardagna, Claudio Agostino [1]
Damiani, Ernesto [1]
di Vimercati, Sabrina De Capitani [1]
Samarati, Pierangela [1]
Affiliations
[1] Univ Milan, Dipartimento Tecnol Informaz, I-26013 Crema, Italy
Keywords
Web Services; security; interoperability; distributed systems; XML;
DOI
10.1016/j.entcs.2004.09.044
Chinese Library Classification number
TP301 [Theory, Methods];
Subject classification code
081202;
Abstract
Web services represent a challenge and an opportunity for organizations wishing to expose product and services offerings through the Internet. The Web service technology provides an environment in which service providers and consumers can discover each other and conduct business transactions through the exchange of XML-based documents. However, any organization using XML and Web Services must ensure that only the right users, sending the appropriate XML content, can access their Web Services. Access control policy specification for controlling access to Web services is then becoming an emergent research area due to the rapid development of Web services in modern economy. This paper is an effort to understand the basic concepts for securing Web services and the requirements for implementing secure Web services. We describe the design and implementation of a Web service architecture for enforcing access control policies; the overall rationale and some specific choices of our design are discussed.
Pages: 47 - 62
Number of pages: 16
Related papers
50 in total
  • [31] An access control system for web service compositions
    Srivatsa, Mudhakar
    Iyengar, Arun
    Mikalsen, Thomas
    Rouvellou, Isabelle
    Yin, Jian
    2007 IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES, PROCEEDINGS, 2007, : 1 - +
  • [32] Secure RDTs: Enforcing Access Control Policies for Offline Available JSON Data
    Renaux, Thierry
    Van den Vonder, Sam
    De Meuter, Wolfgang
    PROCEEDINGS OF THE ACM ON PROGRAMMING LANGUAGES-PACMPL, 2023, 7 (OOPSLA):
  • [33] Pairing Human and Artificial Intelligence: Enforcing Access Control Policies with LLMs and Formal Specifications
    Rubio-Medrano, Carlos E.
    Kotak, Akash
    Wang, Wenlu
    Sohr, Karsten
    PROCEEDINGS OF THE 29TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, SACMAT 2024, 2024, : 105 - 116
  • [34] A Technical Architecture for Enforcing Usage Control Requirements in Service-Oriented Architectures
    Agreiter, B.
    Alam, M.
    Breu, R.
    Hafner, M.
    Pretschner, A.
    Seifert, J. -P.
    Zhang, X.
    SWS'07: PROCEEDINGS OF THE 2007 ACM WORKSHOP ON SECURE WEB SERVICES, 2007, : 18 - 25
  • [35] Use of XACML Policies for a Network Access Control Service
    Lopez, Gabriel
    Canovas, Oscar
    Gomez-Skarmeta, Antonio F.
    APPLIED PUBLIC KEY INFRASTRUCTURE, 2005, 128 : 111 - 122
  • [36] Enforcing policies and guidelines in web portals: A case study
    Karus, Siim
    Dumas, Marlon
    WEB INFORMATION SYSTEMS ENGINEERING - WISE 2007 WORKSHOPS, 2007, 4832 : 154 - 165
  • [37] Web services access control architecture incorporating trust
    Coetzee, Marijke
    Eloff, J. H. P.
    INTERNET RESEARCH, 2007, 17 (03) : 291 - 305
  • [38] Modeling and Enforcing Security and Service Control Policies using FlexRFID Middleware Healthcare Scenarios
    El Khaddar, Mehdia Ajana
    Chraibi, Mhammed
    Harroud, Hamid
    Boulmalf, Mohammed
    Elkoutbi, Mohammed
    Maach, Abdelilah
    2014 SCIENCE AND INFORMATION CONFERENCE (SAI), 2014, : 461 - 467
  • [39] Using Semantic Web Techniques to Implement Access Control for Web Service
    He, Zhengqiu
    Huang, Kangyu
    Wu, Lifa
    Li, Huabo
    Lai, Haiguang
    INFORMATION COMPUTING AND APPLICATIONS, PT 1, 2010, 105 : 258 - 266
  • [40] An approach to automating the integration of the Access Control Policies for Web Services
    Alodib, Mohammed
    2013 14TH ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING (SNPD 2013), 2013, : 181 - 187