Title :
Enhancing Security Modeling for Web Services Using Delegation and Pass-On
Author :
She, Wei ; Yen, I-Ling ; Thuraisingham, Bhavani
Author_Institution :
Univ. of Texas at Dallas, Richardson, TX
Abstract :
In recent years, the issues in web service security have been widely investigated and various security standards have been proposed. But most of these studies and standards focus on the access control policies for individual web services and do not consider the access issues in composed services. Consider a simple service chain where service s1 accesses s2, and s2, in turn, accesses service s3. The information returned from s3 to s2 may be used to compute some results that are further returned to s1. The current web service security framework does not provide any mechanisms to control such an information flow, and hence, sensitive information may be leaked to s1 without the consensus of s3. In this paper, we propose an enhanced security model to facilitate the control of information flow through service chains. It extends the basic security models by introducing the concepts of delegation and pass-on. Based on these concepts, new certificates, certificate chain, delegation and pass-on policies, and how they are used to control the information flow are discussed.
Keywords :
Web services; security of data; Web services; access control policies; delegation; information flow; pass-on; security modeling; security standards; service chains; Access control; Data security; Hospitals; Information analysis; Information security; Performance analysis; Publishing; Service oriented architecture; USA Councils; Web services;
Conference_Titel :
Web Services, 2008. ICWS '08. IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-0-7695-3310-0
Electronic_ISBN :
978-0-7695-3310-0
DOI :
10.1109/ICWS.2008.23
