By Topic

A policy based access control model for web services

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Alipour, H.S. ; Qazvin Islamic Azad Univ., Qazvin, Iran ; Sabbari, M. ; Nazemi, E.

Access control security is one of the important aspects in Service Oriented Architecture (SOA) that is considered as a challenge. This issue requires further attention and review because of the architecture's distributed nature, its high re-usability, simple accessibility and the autonomy of logical solutions units. Since the most important way for implementing SOA is the use of web services, in this paper we propose an access control model for web services to protect services and to adopt some policies on the applications using SAML and XACML standard languages. This model is defined in terms of its authentication, authorization architecture and policy formulation. Separation of duties (SoD) is a security principle that has been used extensively to prevent conflict of interest, fraud and error control in organizations. In recent years many IT organizations have struggled to identify potential SoD violations within their IT systems. Hence we propose an approach to defining SoD policy rules in our model.

Published in:

Internet Technology and Secured Transactions (ICITST), 2011 International Conference for

Date of Conference:

11-14 Dec. 2011