Referenced Items are not available for this document.
Web service is a new service-oriented computing paradigm which poses the unique security challenges due to its inherent heterogeneity, multi-domain characteristic and highly dynamic nature. A key challenge in Web services security is the design of effective access control schemes. However, most current access control systems base authorization decisions on subject's identity. Administrative scalability and control granularity are serious problems in those systems, and they are not fit for Web services environment. So an attribute-based access control model (WS-ABAC) is presented to address these issues in this paper. WS-ABAC grants access to services based on attributes of the related entities, and uses automated trust negotiation mechanism to address the disclosure issue of the sensitive attributes. It can provide administratively scalable alternative to identity-based authorization methods and provide fine-grained access control for Web services. Moreover, it also can protect user's privacy
Published in:
Parallel and Distributed Computing, Applications and Technologies, 2006. PDCAT '06. Seventh International Conference on
Date of Conference: Dec. 2006
- Page(s):
- 74 - 79
- Print ISBN:
- 0-7695-2736-1
- INSPEC Accession Number:
- 9308546
- Conference Location :
- Taipei
- Digital Object Identifier :
- 10.1109/PDCAT.2006.28
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
