View article

[PDF] from uma.es

A metadata‐based access control model for web services

Authors

Mariemma I Yagüe, Antonio Maña, Javier Lopez

Publication date

2005/2/1

Journal

Internet research

Volume

Issue

Pages

99-116

Publisher

Emerald Group Publishing Limited

Description

Purpose

–

Provide a secure solution for web services (WS). A new interoperable and distributed access control for WS is presented.

Design/methodology/approach

–

Based on the separation of the access control (AC) and authorization function.

Findings

–

Mechanisms presented allow seamless integration of external authorization entities in the AC system. The Semantic Policy Language (SPL) developed facilitates specification of policies and semantic policy validation. SPL specifications are modular and can be composed without ambiguity. Also addressed was the problem of the association of policies to resources (WS or their operations) in a dynamic, flexible and automated way.

Research limitations/implications

–

The ACProxy component is currently under development. Ongoing work is focused on achieving a richer “use control” for some types of WS.

Practical implications

–

Administrators of WS can specify AC …

Total citations

Cited by 45

20052006200720082009201020112012201320142015201620172018201920202021202220231 7 3 1 1 3 1 2 1 1 1 1 2 3 5 11 1

Scholar articles

A metadata‐based access control model for web services

MI Yagüe, A Maña, J Lopez - Internet research, 2005