Abstract
This paper presents an extended Role-Based Access Control (RBAC) model for efficient authorization of rich presence using secure web services composed with an abstract presence data model. Following the information symmetry principle, the standard RBAC model is extended to support context-sensitive social relations and cascaded authority. In conjunction with the extended RBAC model, we introduce an extensible presence architecture prototype using WS-Security and WS-Eventing to secure rich presence information exchanges based on PKI certificates. Applications and performance measurements of our presence system are presented to show that the proposed RBAC framework for presence and collaboration is well suited for real-time communication and collaboration.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, L., Chou, W. (2010). Efficient Authorization of Rich Presence Using Secure and Composed Web Services. In: Cordeiro, J., Filipe, J. (eds) Web Information Systems and Technologies. WEBIST 2009. Lecture Notes in Business Information Processing, vol 45. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12436-5_4
DOI: https://doi.org/10.1007/978-3-642-12436-5_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12435-8
Online ISBN: 978-3-642-12436-5
eBook Packages: Computer Science (R0)