A Logic-Based Access Control Approach For Web Services

13 years 8 months ago
A Logic-Based Access Control Approach For Web Services
Web Services technology enables organisations to exploit software as a service. Services are accessed by method invocations. Method interfaces are described and published, and may be freely available. In Web Services environments, access control is required to cross the borders of security domains, to be implemented between heterogeneous systems. Interaction is between remotely located parties who may know little about each other. Access control generally assumes that identity is established. To overcome the limitations of identity-based solutions, domain-independent access control information is added to a message. As a Web Service endpoint is required to integrate such information into its access control decision-making process, issues arise such as; whom to accept access control information from; what the format of such information must be; how to inform the requestor of the format; and how to give access to methods based on presented access control information. To address such iss...
Marijke Coetzee
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2004
Where ISSA
Authors Marijke Coetzee
Comments (0)