Context-Driven Policy Enforcement and Reconciliation for Web Services
نویسندگان
چکیده
Security of Web services is a major factor to their successful integration into critical IT applications. An extensive research in this direction concentrates on low level aspects of security such as message secrecy, data integrity, and authentication. Thus, proposed solutions are mainly built upon the assumption that security mechanisms are static and predefined. However, the dynamic nature of the Internet and the continuously changing environments where Web services operate require innovative and adaptive security solutions. This paper presents our solution for securing Web services based on adaptive policies, where adaptability is satisfied using the contextual information of the Web services. The proposed solution includes a negotiation and reconciliation protocol for security policies.
منابع مشابه
A Semantic Context-Based Model for Mobile Web Services Access Control
As mobile web services becomes more pervasive, applications based on mobile web services will need flexible access control mechanisms. Unlike traditional approaches based on the identity or role for access control, access decisions for these applications will depend on the combination of the required attributes of users and the contextual information. This paper proposes a semantic context-base...
متن کاملA Policy-Based Authorization System for Web Services: Integrating X-GTRBAC and WS-Policy
Authorization and access control in Web services is complicated by the unique requirements of the dynamic Web services paradigm. Amongst them is the requirement for a context-aware access control specification and a processing model to apply fine-grained access control on various components of a Web service. In this paper, we address these two requirements and present a policy-based authorizati...
متن کاملA Context-Based and Policy-Driven Method to Design and Develop Composite Web Services
Web services are nowadays attracting the attention of both academia and industry. However, a very little has so far been accomplished in terms of design and development methods that assist those who are responsible for specifying and running applications based on Web services. For this purpose, we developed CP4WS that stands for Context and Policy for Web Services. CP4WS is a context-based and ...
متن کاملA procedure for Web Service Selection Using WS-Policy Semantic Matching
In general, Policy-based approaches play an important role in the management of web services, for instance, in the choice of semantic web service and quality of services (QoS) in particular. The present research work illustrates a procedure for the web service selection among functionality similar web services based on WS-Policy semantic matching. In this study, the procedure of WS-Policy publi...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006