A comparison of modeling strategies in defining XML-based access control languages

Authors

  • Claudio Agostino Ardagna
  • Sabrina De Capitani di Vimercati
Abstract

One of the most important features of XML-based Web services is that they can be easily accessed over the Internet, but this makes them vulnerable to a series of security threats. What makes security for web services so challenging is their distributed and heterogeneous nature. Access control policy specification for controlling access to Web services is then becoming an emergent research area due to the rapid development of Web services in modern economy. Two relevant access control languages using XML are WS-Policy and XACML. The main conceptual difference between these two languages is that while XACML is based on a well-defined model that provides a formal representation of the access control security policy and its working, WS-Policy has been developed without taking into consideration this modeling phase. In this paper, we critique WS-Policy pointing out some of its shortcomings. We then describe the architecture we implemented and that offers an interface for controlling access to Web services.


Similar resources

Defining and Enforcing XACML Role-based Security Policies within an XML Security Framework

Securing electronic data has evolved into an important requirement in domains such as health care informatics, with the eXtensible Markup Language (XML) utilized to create standards such as the Clinical Document Architecture and the Continuity of Care Record, which have led to a need for approaches to secure XML schemas and documents. In this paper, we present a method for generating eXtensible...


A diagrammatic notation for modeling access control in tree-based data structures

In modern multi-user computer and network systems, access control is an important aspect of the overall security of a given system. The problem is that as the number of users and systems that are being controlled increases, it can quickly become difficult to keep track of exactly who has access to what. Another problem is that with today's heterogeneous systems, systems of the same type but from...


An Evaluation of RBAC Policy Languages for Web Applications

The rapid growth of the Internet and a range of web applications bring the urgency of security issues, especially for access control. Role-based Access Control (RBAC) is recognized as a superior alternative and less error-prone to traditional discretionary and mandatory access controls. In this paper, we examine the representation of RBAC policies in web applications under distributed environme...


Access Control Policies and Languages in Open Environments

One of the most challenging problems in managing large, distributed, and heterogeneous networked systems is specifying and enforcing access control security policies regulating interactions between parties and access to services and resources. Recent proposals for specifying and exchanging access control policies adopt different types of access control languages. In this chapter, we review thre...


XML-Based Access Control Languages

One of the most challenging problems in managing large, distributed, and heterogeneous networked systems is specifying and enforcing security policies regulating interactions between parties and access to services and resources. Recent proposals for specifying and exchanging access control policies adopt XML-based languages. XML appears in fact a natural choice as the basis for the common secur...



Journal title:
  • Comput. Syst. Sci. Eng.

Volume 19  Issue 

Pages  -

Publication date 2004