Skip to Main Content
Web service environment is characterized by its openness and distribution, in which the interacting entities usually have little knowledge about each other and may be in different domains, so the access control for web service has become a challenging problem that needs to be addressed properly. In this paper, an access control policy model based on context and role is proposed that can be appropriate for web service. The model takes context as the center to define and perform access control policies. It uses the contexts of user, environment and resource to execute dynamic roles assignment and constrain the authorization decision. Furthermore, Description Logic is adopted as the policy language to formalize the model. A series of access control policy axioms are defined and the reasoning method is proposed. Experiment result has proved the feasibility and validity of the presented method.