Title :
An Access Control Model for Service Composite
Author :
Ji, Gaofeng ; Tang, Yong ; Huang, Fan ; Wang, Peng ; Wu, Guibin
Author_Institution :
Sun Yat-sen Univ., Guangzhou
Abstract :
Business Process Execution Language for Web Services is a language, which can be used to define abstract and executable processes. It has became to be the defacto standard of Web Service composition. However, the security aspect of access control is explicitly mentioned to be outside the scope of BPEL. This paper focuses on the implementation of access controls in the BPEL-based process. The existing Task-Based Access Control model was extended. The definition of authorization unit was modified and new types of authorization units were added. Moreover the mapping from the process defined by BPEL to TBAC model was implemented and an approach of using TBAC in BPEL was put forward. The future work was pointed out in the end of the paper.
Keywords :
Web services; authorisation; business data processing; groupware; specification languages; CSCW; Web service composition; authorization unit; business process execution language; security aspect; task-based access control model; Access control; Authorization; Collaborative work; Computer science; Context modeling; Engines; Permission; Security; Sun; Web services; Access Control; BPEL; CSCW;
Conference_Titel :
Computer Supported Cooperative Work in Design, 2007. CSCWD 2007. 11th International Conference on
Conference_Location :
Melbourne, Vic.
Print_ISBN :
1-4244-0963-2
Electronic_ISBN :
1-4244-0963-2
DOI :
10.1109/CSCWD.2007.4281548
