Authors
Mariemma I Yagüe, Antonio Maña, Javier Lopez
Publication date
2005/2/1
Journal
Internet research
Volume
15
Issue
1
Pages
99-116
Publisher
Emerald Group Publishing Limited
Description
Purpose
–
Provide a secure solution for web services (WS). A new interoperable and distributed access control for WS is presented.
Design/methodology/approach
–
Based on the separation of the access control (AC) and authorization function.
Findings
–
Mechanisms presented allow seamless integration of external authorization entities in the AC system. The Semantic Policy Language (SPL) developed facilitates specification of policies and semantic policy validation. SPL specifications are modular and can be composed without ambiguity. Also addressed was the problem of the association of policies to resources (WS or their operations) in a dynamic, flexible and automated way.
Research limitations/implications
–
The ACProxy component is currently under development. Ongoing work is focused on achieving a richer “use control” for some types of WS.
Practical implications
–
Administrators of WS can specify AC …
Total citations
Scholar articles
MI Yagüe, A Maña, J Lopez - Internet research, 2005