• DocumentCode
    3342573
  • Title

    A Theory of Role Composition

  • Author

    Fischer, Jeffrey ; Majumdar, Rupak

  • Author_Institution
    Univ. of California, Los Angeles, CA
  • fYear
    2008
  • fDate
    23-26 Sept. 2008
  • Firstpage
    320
  • Lastpage
    328
  • Abstract
    We study the access control integration problem for web services. Organizations frequently use many services, each with its own access control policies, which must interoperate while maintaining secure access to information. The integration problem is to take the set of such services and to find a globally consistent access control policy that ensures that the system composed from the services does not have any authorization failures or information disclosures. We give a sound and complete algorithm for access control integration by reducing the problem to Boolean constraint solving. We have implemented ROLEMATCHER, a tool to infer global role-based access control schemas for a set of services, and show on examples that it can quickly infer global roles for composed systems, or determine the absence of a globally consistent role schema.
  • Keywords
    Web services; authorisation; constraint handling; Boolean constraint solving; Web services; access control integration; role composition; Access control; Authorization; Data security; Error correction; Inference algorithms; Information security; Permission; Portals; System testing; Web services; access control; formal methods; web services;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Web Services, 2008. ICWS '08. IEEE International Conference on
  • Conference_Location
    Beijing
  • Print_ISBN
    978-0-7695-3310-0
  • Electronic_ISBN
    978-0-7695-3310-0
  • Type

    conf

  • DOI
    10.1109/ICWS.2008.40
  • Filename
    4670191