Title :
An extended RBAC model for Web services in business process
Author :
Liu, Peng ; Chen, Zhong
Author_Institution :
Comput. Sci. Dept., Peking Univ., Beijing
Abstract :
Web services are widely accepted and adopted to provide business functionality in business world. Especially, Web service is chosen to compose business process by companies to achieve their business objectives. Business process contains a set of activities, which represent business interactions between Web services spanning company boundaries. As Web services are built in open distributed environment, it is apt to cause security concerns. Security problems mainly prevent many companies from implementing Web services. This paper proposes an extended RBAC model, called WS-RBAC4BP, to protect Web services in business process. In this model, companies and Web services are considered as subjects and protected objects, respectively. New types of constraints are introduced. Furthermore, the system architecture of WS-RABC4BP is presented. This paper also gives examples to illustrate the model
Keywords :
Internet; authorisation; business data processing; interactive systems; open systems; Web services; business interactions; business process; open distributed environment; role-based access control model; security standards; Access control; Companies; Computer science; Costs; Information security; Middleware; Protection; Simple object access protocol; Web services; XML;
Conference_Titel :
E-Commerce Technology for Dynamic E-Business, 2004. IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
0-7695-2206-8
DOI :
10.1109/CEC-EAST.2004.17
