Title :
A Semantic- and Attribute-Based Framework for Web Services Access Control
Author_Institution :
Sch. of Comput., Hubei Univ. of Technol., Wuhan, China
Abstract :
Web services over the Internet are widely used nowadays. Controlling access in Web services environment is crucial and a significant challenge because this environment is more dynamic and heterogeneous. Compared with the existing models, attribute-based access control is more appropriate for Web services, but it do not fully exploit the semantic power and reasoning capabilities of emerging web applications. To address these issues, a semantic and attribute-based access control framework (S_ABAC) is presented by combining the attribute-based access control with semantic-based access control in this paper. By extending the eXtensible Access Control Markup Language architecture and representing semantically the resources and users attributes with ontology, S_ABAC can realize semantic and attribute-based access control, and can also provide administratively scalable alternative and semantic interoperability. In the prototype implementation, S_ABAC uses Shibboleth service to address the disclosure issue of the sensitive attributes and also separates ontology management from access management.
Keywords :
Web services; authorisation; Internet; Shibboleth service; Web services access control; Web services environment; access management; attribute-based access control framework; eXtensible Access Control Markup Language architecture; ontology management; semantic interoperability; semantic-based access control; semantic-based framework; Access control; Markup languages; OWL; Ontologies; Privacy; Protection; Prototypes; Semantic Web; Web and internet services; Web services;
Conference_Titel :
Intelligent Systems and Applications (ISA), 2010 2nd International Workshop on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5872-1
Electronic_ISBN :
978-1-4244-5874-5
DOI :
10.1109/IWISA.2010.5473670
