By Topic

A fine-grained access control model for Web services

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Bertino, E. ; Dept. of Comput. Sci., Purdue Univ., West Lafayette, IN, USA ; Squicciarini, A.C. ; Mevi, D.

The emerging Web service technology has enabled the development of Internet-based applications that integrate distributed and heterogeneous systems and processes, which are owned by different organizations. However, while Web services are rapidly becoming a fundamental paradigm for the development of complex Web applications, several security issues still need to be addressed. Among the various open issues concerning security, an important issue is represented by the development of suitable access control models, able to restrict access to Web services to authorized users. We present an innovative access control model for Web services. The model is characterized by a number of key features, including identity attributes and service negotiation capabilities. We also discuss an architecture implementing the model and we propose the use of a certificate scheme able to support the exchange and verification of subject attributes.

Published in:

Services Computing, 2004. (SCC 2004). Proceedings. 2004 IEEE International Conference on

Date of Conference:

15-18 Sept. 2004