Abstract
Efforts that solve problems regarding the access control for web services are just in their beginning. This paper proposes access control architecture for web services. Rather than basing access solely on the identity of a client the access control decision also takes into account the roles that the client currently holds. The access control architecture is able to discover dynamically what type of authorization is required to access a particular resource; can find all authorizations about a single resource by authorization indexing techniques and can perform the merge and override of multiple authorizations referred to the same object.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
WS-Security, http://msdn.microsoft.com/library/default.asp?url=/library/enus/dnglobspec/html/ws-security.asp (last accessed: 23/9/2003)
XACML, http://www.oasis-open.org/committees/xacml/repository/oasis-xacml-1.0.pdf (last accessed: 23/9/2003)
Hine, J.H., Yao, W., Bacon, J., Moody, K.: An architecture for distributed OASIS services. In: Coulson, G., Sventek, J. (eds.) Middleware 2000. LNCS, vol. 1795, pp. 104–120. Springer, Heidelberg (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yuan, S., Hu, Y. (2004). Access Control Architecture for Web Services. In: Li, M., Sun, XH., Deng, Qn., Ni, J. (eds) Grid and Cooperative Computing. GCC 2003. Lecture Notes in Computer Science, vol 3032. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24679-4_167
Download citation
DOI: https://doi.org/10.1007/978-3-540-24679-4_167
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21988-0
Online ISBN: 978-3-540-24679-4
eBook Packages: Springer Book Archive