By Topic

A Semantic- and Attribute-Based Framework for Web Services Access Control

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Hai-Bo Shen ; Sch. of Comput., Hubei Univ. of Technol., Wuhan, China

Web services over the Internet are widely used nowadays. Controlling access in Web services environment is crucial and a significant challenge because this environment is more dynamic and heterogeneous. Compared with the existing models, attribute-based access control is more appropriate for Web services, but it do not fully exploit the semantic power and reasoning capabilities of emerging web applications. To address these issues, a semantic and attribute-based access control framework (S_ABAC) is presented by combining the attribute-based access control with semantic-based access control in this paper. By extending the eXtensible Access Control Markup Language architecture and representing semantically the resources and users attributes with ontology, S_ABAC can realize semantic and attribute-based access control, and can also provide administratively scalable alternative and semantic interoperability. In the prototype implementation, S_ABAC uses Shibboleth service to address the disclosure issue of the sensitive attributes and also separates ontology management from access management.

Published in:

Intelligent Systems and Applications (ISA), 2010 2nd International Workshop on

Date of Conference:

22-23 May 2010