Title :
Action-Based Access Control for Web Services
Author :
Li, Fenghua ; Wang, Wei ; Ma, Jianfeng ; Su, Haoxin
Author_Institution :
Key Lab. of Comput. Networks & Inf. Security (Minist. of Educ.), Xidian Univ., Xi´´an, China
Abstract :
Web services over the Internet are widely used nowadays. The problem of secure access to Web-based systems is of great importance naturally. Compared with the existing models, the action-based access control (ABAC) model is the most suitable to control the access on Web services. In this paper, the ABAC model is introduced. Then, the security architecture of ABAC for Web services is proposed. In the architecture, the action server manages the action information, the domain server determines the security rank of request resources, and the resource server storing the resources with different security ranks responses the request from the user. The cookie is extended with security properties.
Keywords :
Web services; authorisation; Internet; Web service; Web-based system; action-based access control; domain server; security architecture; Access control; Computer networks; Computer science education; Electronic mail; Information security; Laboratories; Permission; Power system security; Service oriented architecture; Web services; Web service; access control; cookie; security;
Conference_Titel :
Information Assurance and Security, 2009. IAS '09. Fifth International Conference on
Conference_Location :
Xian
Print_ISBN :
978-0-7695-3744-3
DOI :
10.1109/IAS.2009.114
