By Topic

A trust-based context-aware access control model for Web-services

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
R. Bhatti ; Sch. of Electr. & Comput. Eng., Purdue Univ., West Lafayette, IN, USA ; E. Bertino ; A. Ghafoor

A key challenge in Web services security is the design of effective access control schemes that can adequately meet the unique security challenges posed by the Web services paradigm. Despite the recent advances in Web based access control approaches applicable to Web services, there remain issues that impede the development of effective access control models for Web services environment. Amongst them are the lack of context-aware models for access control, and reliance on identity or capability-based access control schemes. In this paper, we motivate the design of an access control scheme that addresses these issues, and propose an extended, trust-enhanced version of our XML-based role based access control (X-RBAC) framework that incorporates context-based access control. We outline the configuration mechanism needed to apply our model to the Web services environment, and also describe the implementation architecture for the system.

Published in:

Web Services, 2004. Proceedings. IEEE International Conference on

Date of Conference:

6-9 July 2004