A Trust-Based Context-Aware Control Model for Web Services
Author
R. Bhatti, E. Bertino, A.Ghafoor
Tech report number
CERIAS TR 2004-72
Abstract
A key challenge in Web services security is the design
of effective access control schemes that can adequately
meet the unique security challenges posed by the Web
services paradigm. Despite the recent advances in Web
based access control approaches applicable to Web
services, there remain issues that impede the
development of effective access control models for
Web services environment. Amongst them are the lack
of context-aware models for access control, and
reliance on identity or capability-based access control
schemes. In this paper, we motivate the design of an
access control scheme that addresses these issues, and
propose an extended, trust-enhanced version of our
XML-based Role Based Access Control (X-RBAC)
framework that incorporates context-based access
control. We outline the configuration mechanism
needed to apply our model to the Web services
environment, and also describe the implementation
architecture for the system.
Journal
Proceedings of the IEEE International Conference on Web Services (ICWS�04)
Publication Date
2004-01-01
Contents
1. Introduction
2. Background and Related Work
3. Trust�Enhanced X-GTRBAC Model
4. Implementation Architecture
5. Conclusion
Location
A hard-copy of this is in the CERIAS Library