Title :
Role-based access control system for Web services
Author :
Feng, Xu ; Lin Guoyan ; Hao, Huang ; Li, Xie
Author_Institution :
State Lab. for Novel Software Technol., Nanjing Univ., China
Abstract :
This paper first briefly reviews the state of the security technology research and access control in the Web services environment, and then presents a service-orient role-based access control model and security architecture model for Web services. In this security architecture model, SOAP proxy is employed to enforce access control for Web services and security mechanisms are separated from the business logic. In this paper, a new technology is presented to implement the RBAC on the Web services by designing the secure cookies and secure SOAP messages. Finally, the conclusion is given and the problems are pointed out, which should be resolved in further research.
Keywords :
Internet; authorisation; business data processing; information services; network operating systems; SOAP proxy; Web services environment; business logic; role-based access control system; secure SOAP messages; secure cookies; security architecture model; security technology; service-orient role-based access control model; Access control; Computer architecture; Computer security; Information security; Logic; Sawing machines; Service oriented architecture; Simple object access protocol; Web services; XML;
Conference_Titel :
Computer and Information Technology, 2004. CIT '04. The Fourth International Conference on
Print_ISBN :
0-7695-2216-5
DOI :
10.1109/CIT.2004.1357221
