A new method for consistency of access control in web services

被引：0

作者：

Bagheri, Esmaeil ^{[1
]}

Babaei, Saeid ^{[1
]}

Khayyambashi, Mohammad Reza ^{[2
]}

机构：

[1] Islamic Azad Univ Najafabad, Young Researchers Club, Najafabad, Iran

[2] Univ Isfahan, Fac Engn, Dept Comp, Esfahan, Iran

来源：

2009 2ND IEEE INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND INFORMATION TECHNOLOGY, VOL 4 | 2009年

关键词：

Authorization; Access Control; Web service;

D O I：

10.1109/ICCSIT.2009.5234486

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Web services provide easy access to functions or data with acceptable outlay for organizations. Web services widely cooperate and produce big distributed programs and invite users for enter and access to integrate system, its not important that this persons who are. Users can be good or bad customers or partners that want damage system or its data. So that suppression of unallowable accesses and security is one of important problems to use web services. One of existent security problems in web services is infirmity of access control systems. Different organizations have different roles so attribute or roles of users mapping between different systems is difficult. Use of methods regimentation, trust, publishing roles based on jobs, roles local mapping, role based access control and attachment of assertions with requests, is presented a method for obviation this problem and improving access control in web services.

引用

页码：567 / +

页数：2

共 9 条

[1] [Anonymous], 2004, Securing Web services with WS-Security: demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption
[2] CURCIN V, 2005, WEB SERVICES LIFE SC
[3] Deitel H.M., 2003, Web Services: A Technical Introduction
[4] GUTIERREZ C, 2004, INFORM SECURITY J
[5] KING S, 2005, THREATS SOLUTIONS WE
[6] MERRELLS J, 2004, WEB SERVICES SECURIT
[7] PATTERSON S, 2005, SECURITY AUTHORIZATI
[8] ROWAN L, 2005, NETWORK SECURITY JUN
[9] Samarati P., 2000, INT SCH FDN SECUR AN, P137, DOI DOI 10.1007/3-540-45608-23

← 1 →