A policy based access control model for web services

Access control security is one of the important aspects in Service Oriented Architecture (SOA) that is considered as a challenge. This issue requires further attention and review because of the architecture´s distributed nature, its high re-usability, simple accessibility and the autonomy of logical solutions units. Since the most important way for implementing SOA is the use of web services, in this paper we propose an access control model for web services to protect services and to adopt some policies on the applications using SAML and XACML standard languages. This model is defined in terms of its authentication, authorization architecture and policy formulation. Separation of duties (SoD) is a security principle that has been used extensively to prevent conflict of interest, fraud and error control in organizations. In recent years many IT organizations have struggled to identify potential SoD violations within their IT systems. Hence we propose an approach to defining SoD policy rules in our model.