System Maintenance Notice:
Single article purchases and IEEE account management are currently unavailable. We apologize for the inconvenience.
By Topic

A Semantic- and Attribute-Based Framework for Web Services Access Control

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
1 Author(s)
Shen Hai-Bo ; Sch. of Comput., Hubei Univ. of Technol., Wuhan, China

Web services over the Internet are widely used nowadays. Controlling access in Web services environment is crucial and a significant challenge because this environment is more dynamic and heterogeneous. Compared with the existing models, attribute-based access control is more appropriate for Web services, but it do not fully exploit the semantic power and reasoning capabilities of emerging web applications. To address these issues, a semantic and attribute-based access control framework (S_ABAC) is presented by combining the attribute-based access control with semantic-based access control in this paper. By extending the eXtensible Access Control Markup Language architecture and representing semantically the resources and users attributes with ontology, S_ABAC can realize semantic and attribute-based access control, and can also provide administratively scalable alternative and semantic interoperability. In the prototype implementation, S_ABAC uses Shibboleth service to address the disclosure issue of the sensitive attributes and also separates ontology management from access management.

Published in:

Intelligent Systems and Applications (ISA), 2010 2nd International Workshop on

Date of Conference:

22-23 May 2010