The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

A Trust-Based Context-Aware Control Model for Web Services

Download

Download PDF Document
PDF

Author

R. Bhatti, E. Bertino, A.Ghafoor

Tech report number

CERIAS TR 2004-72

Entry type

inproceedings

Abstract

A key challenge in Web services security is the design of effective access control schemes that can adequately meet the unique security challenges posed by the Web services paradigm. Despite the recent advances in Web based access control approaches applicable to Web services, there remain issues that impede the development of effective access control models for Web services environment. Amongst them are the lack of context-aware models for access control, and reliance on identity or capability-based access control schemes. In this paper, we motivate the design of an access control scheme that addresses these issues, and propose an extended, trust-enhanced version of our XML-based Role Based Access Control (X-RBAC) framework that incorporates context-based access control. We outline the configuration mechanism needed to apply our model to the Web services environment, and also describe the implementation architecture for the system.

Download

PDF

Date

2004

Journal

Proceedings of the IEEE International Conference on Web Services (ICWS�04)

Key alpha

Bhatti

Publication Date

2004-01-01

Contents

1. Introduction 2. Background and Related Work 3. Trust�Enhanced X-GTRBAC Model 4. Implementation Architecture 5. Conclusion

Language

English

Location

A hard-copy of this is in the CERIAS Library

Subject

Web Services

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.