Rule based Security Policy management for Web Service Integration
نویسندگان
چکیده
With the prevalence of loosely coupled web service composition in the service oriented infrastructure, distributed security management has become important to offer flexible web security. In our project affiliated with NatureServe [2], we developed a XACML [3, 4] policy oriented security system to provide trust data service to 75 network partners in the Natural Heritage Program [1]. A Horn Logic based rule inference engine extension to XACML model is used to solve the possible policy conflicts over context and semantics in the key decision making step. Approaches to facilitate such decision making process in various ways by using the extension are illustrated.
منابع مشابه
A procedure for Web Service Selection Using WS-Policy Semantic Matching
In general, Policy-based approaches play an important role in the management of web services, for instance, in the choice of semantic web service and quality of services (QoS) in particular. The present research work illustrates a procedure for the web service selection among functionality similar web services based on WS-Policy semantic matching. In this study, the procedure of WS-Policy publi...
متن کاملA security gateway for web service protocols
The advent of Web Services and service-oriented architectures is fundamentally changing the way we build our internal systems and how internal and external systems interact with each other. To reduce the costs of software systems while at the same time increasing the capabilities of the systems, more and more companies and organisations are adopting their IT systems to Web Service technologies....
متن کاملOn the Application of the Semantic Web Rule Language in the Definition of Policies for System Security Management
The adoption of a policy-based approach for the dynamic regulation of a system or service (e.g. security, QoS or mobility service) requires an appropriate policy representation and processing. In the context of the Semantic Web, the representation power of languages enriched with semantics (i.e. semantic languages), together with the availability of suitable interpreters, make such kind of lang...
متن کاملامنیت اطلاعات سامانه های تحت وب نهاد کتابخانه های عمومی کشور
Purpose: This paper aims to evaluate the security of web-based information systems of Iran Public Libraries Foundation (IPLF). Methodology: Survey method was used as a method for implementation. The tool for data collection was a questionnaire, based on the standard ISO/IEC 27002, that has the eleven indicators and 79 sub-criteria, which examines security of web-based information systems of IP...
متن کاملRule-Based Policy Representation and Reasoning for the Semantic Web
The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines t...
متن کامل