A mechanism for operation level role based access control in web services
Authors: R. Patel, Urjita Thakar, V. Tewari
Published in: 2017 7th International Conference on Communication Systems and Network Technologies (CSNT), 2017-11-01
DOI: 10.1109/CSNT.2017.8418571 (https://doi.org/10.1109/CSNT.2017.8418571)
Many online businesses offer their functionality as web services. Due to the ubiquitous presence of web services, security, especially service access control, is becoming a serious issue. Traditionally, access control was applied to a complete web service, which contains a number of operations, each offering some special functionality. If a user is to be given access to only a few selected operations, then separate web services need to be offered corresponding to these operations. As a result, a large number of web services with small functionalities need to be deployed. Since this large number of services needs to be published in the UDDI registry, the registry becomes bulky. Also, for each operation, a separate invocation of each service has to be made. Most existing access control systems are identity based, in which the decision is taken on the basis of subject identity. With the increase in the number of users, Role Based Access Control (RBAC) is useful, as it provides access control to a group instead of individual users and is also easy to scale. In this work, a method is proposed to provide more fine-grained access control on web services at the operation level, based on roles, by extending XACML policy specifications.