A REUSABLE INTELLIGENT AUTHORIZATION DESIGN FOR WEB SERVICES SOFTWARE SECURITY

Weider D. Yu; Archana Mansukhani

doi:10.5220/0001408202980303

A REUSABLE INTELLIGENT AUTHORIZATION DESIGN FOR WEB SERVICES SOFTWARE SECURITY

Weider D. Yu, Archana Mansukhani

2005

Abstract

Web services are a new way of thinking in distributed computing. They are an important step towards service-oriented architecture (SOA). Web services are used to obtain service in an open, platform independent way. Recent focus on web services has been in the area of security, which is an ongoing concern in many areas and is very pertinent to web services technology. This paper describes the design of a reusable authorization layer for web services software. This layer resides separate from the web services themselves and uses a rule based inference engine for determining authorization and access rights. It also uses different types of access control to formulate feature-rich rules.

References

Alotaiby, F.T., Chen, J.X. 2004. “A Model for Teambased Access Control (TMAC2004),” Proc. Of IEEE Information Technology: Coding and Computing, pp. 450-454.
Chaari, S. et al., 2004. “An authorization and access control model for workflow,” Proc. Of IEEE Control, Comm. and Signal Processing, pp. 141- 148.
Chandramouli, R., 2001. “A framework for multiple authorization types in a healthcare Application system,” Proc. Of Computer Security Applications Conference, pp. 137-148.
Indrakanti, S. et al., 2004. “Authorization service for web services and its Implementation,” Proc. Of IEEE International Web Services Conference, 2004. pp. 774 - 777.
Mattas, A.K. et al., 2003. “Towards dynamically administered role-based access control,” Proc. Of 14th International Workshop in Database and Expert Sys. Applications, pp. 494-498.
Motta, G.H. Furuie, S.S., 2003. “A contextual role-based control authorization model for electronic patient record,” IEEE Trans. on Inform. Technology in Biomedicine, vol. 7, no. 3, 202 - 207.
Moyer, M.J., Abamad, M., 2001. “Generalized role-based access control,” Proc. Of 21st International Conference on Distributed Computing Systems, pp. 391-398.
http://www.oasis-open.org/committees/ download.php/2406/oasis-xacml-1.0.pdf.
http://www.oasis- open.org/committees/ download.php/11902/saml-2.0-os.zip

Download

Paper Citation

in Harvard Style

D. Yu W. and Mansukhani A. (2005). A REUSABLE INTELLIGENT AUTHORIZATION DESIGN FOR WEB SERVICES SOFTWARE SECURITY . In Proceedings of the Second International Conference on e-Business and Telecommunication Networks - Volume 1: ICETE, ISBN 972-8865-32-5, pages 298-303. DOI: 10.5220/0001408202980303

in Bibtex Style

@conference{icete05,
author={Weider D. Yu and Archana Mansukhani},
title={A REUSABLE INTELLIGENT AUTHORIZATION DESIGN FOR WEB SERVICES SOFTWARE SECURITY},
booktitle={Proceedings of the Second International Conference on e-Business and Telecommunication Networks - Volume 1: ICETE,},
year={2005},
pages={298-303},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001408202980303},
isbn={972-8865-32-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the Second International Conference on e-Business and Telecommunication Networks - Volume 1: ICETE,
TI - A REUSABLE INTELLIGENT AUTHORIZATION DESIGN FOR WEB SERVICES SOFTWARE SECURITY
SN - 972-8865-32-5
AU - D. Yu W.
AU - Mansukhani A.
PY - 2005
SP - 298
EP - 303
DO - 10.5220/0001408202980303