DocumentCode
3342573
Title
A Theory of Role Composition
Author
Fischer, Jeffrey ; Majumdar, Rupak
Author_Institution
Univ. of California, Los Angeles, CA
fYear
2008
fDate
23-26 Sept. 2008
Firstpage
320
Lastpage
328
Abstract
We study the access control integration problem for web services. Organizations frequently use many services, each with its own access control policies, which must interoperate while maintaining secure access to information. The integration problem is to take the set of such services and to find a globally consistent access control policy that ensures that the system composed from the services does not have any authorization failures or information disclosures. We give a sound and complete algorithm for access control integration by reducing the problem to Boolean constraint solving. We have implemented ROLEMATCHER, a tool to infer global role-based access control schemas for a set of services, and show on examples that it can quickly infer global roles for composed systems, or determine the absence of a globally consistent role schema.
Keywords
Web services; authorisation; constraint handling; Boolean constraint solving; Web services; access control integration; role composition; Access control; Authorization; Data security; Error correction; Inference algorithms; Information security; Permission; Portals; System testing; Web services; access control; formal methods; web services;
fLanguage
English
Publisher
ieee
Conference_Titel
Web Services, 2008. ICWS '08. IEEE International Conference on
Conference_Location
Beijing
Print_ISBN
978-0-7695-3310-0
Electronic_ISBN
978-0-7695-3310-0
Type
conf
DOI
10.1109/ICWS.2008.40
Filename
4670191
Link To Document