Title :
An Attribute-Based Access Control Model for Web Services
Author :
Shen, Hai-bo ; Fan Hong
Author_Institution :
Sch. of Comput., Huazhong Univ. of Sci. & Technol., Wuhan
Abstract :
Web service is a new service-oriented computing paradigm which poses the unique security challenges due to its inherent heterogeneity, multi-domain characteristic and highly dynamic nature. A key challenge in Web services security is the design of effective access control schemes. However, most current access control systems base authorization decisions on subject´s identity. Administrative scalability and control granularity are serious problems in those systems, and they are not fit for Web services environment. So an attribute-based access control model (WS-ABAC) is presented to address these issues in this paper. WS-ABAC grants access to services based on attributes of the related entities, and uses automated trust negotiation mechanism to address the disclosure issue of the sensitive attributes. It can provide administratively scalable alternative to identity-based authorization methods and provide fine-grained access control for Web services. Moreover, it also can protect user´s privacy
Keywords :
Web services; access control; authorisation; data privacy; Web services; administrative scalability; attribute-based access control; authorization; automated trust negotiation; control granularity; service-oriented computing; users privacy; Access control; Authorization; Automatic control; Computer security; Control systems; Electronic mail; Privacy; Protection; Scalability; Web services; Attribute-Based Access Control; Automated Trust Negotiation; Web Services; XACML;
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies, 2006. PDCAT '06. Seventh International Conference on
Conference_Location :
Taipei
Print_ISBN :
0-7695-2736-1
DOI :
10.1109/PDCAT.2006.28
