Access Control Enforcement for Conversation-based Web Services
Author
M. Mecella, M.Ouzzani, F. Paci, E. Bertino
Tech report number
CERIAS TR 2005-79
Abstract
Service Oriented Computing is emerging as the main approach
to build distributed enterprise applications on the
Web. The widespread use of Web services is hindered by
the lack of adequate security and privacy support. In this
paper, we present a novel framework for enforcing access
control in conversation-based Web services. Our approach
takes into account the conversational nature of Web services.
This is in contrast with existing approaches to access
control enforcement that assume aWeb service as a set of independent
operations. Furthermore, our approach achieves
a tradeoff between the need to protect Web service
Key alpha
Massimo Mecella
Affiliation
University of Roma "La Sapienza", Purdue University, University of Milano
Publication Date
1900-01-01