Context-aware Access Control Policy Research for Web Service

Author

Li, Huabo ; Yang, Yun ; He, Zhengqiu ; Hu, Guyu

Author_Institution

Inst. of Command Autom., PLAUST, Nanjing, China

fYear

2011

fDate

21-23 Oct. 2011

Firstpage

529

Lastpage

532

Abstract

Web service environment is characterized by its openness and distribution, in which the interacting entities usually have little knowledge about each other and may be in different domains, so the access control for web service has become a challenging problem that needs to be addressed properly. In this paper, an access control policy model based on context and role is proposed that can be appropriate for web service. The model takes context as the center to define and perform access control policies. It uses the contexts of user, environment and resource to execute dynamic roles assignment and constrain the authorization decision. Furthermore, Description Logic is adopted as the policy language to formalize the model. A series of access control policy axioms are defined and the reasoning method is proposed. Experiment result has proved the feasibility and validity of the presented method.

Keywords

Web services; authorisation; formal languages; inference mechanisms; Web service environment; authorization decision; context-aware access control policy research; description logic; dynamic roles assignment; policy language; reasoning method; Authorization; Cognition; Computer science; Context; Context modeling; Web services; access control; context; web service;

fLanguage

English

Publisher

ieee

Conference_Titel

Instrumentation, Measurement, Computer, Communication and Control, 2011 First International Conference on

Conference_Location

Beijing

Print_ISBN

978-0-7695-4519-6

Type

conf

DOI

10.1109/IMCCC.2011.137

Filename

6154162