671
views
0
recommends
+1 Recommend
1 collections
    0
    shares
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      A Semantic Approach for Access Control in Web Services

      proceedings-article

      ,

      EuroWeb 2002 Conference (EW)

      EuroWeb

      17-18 December 2002

      Bookmark

            Abstract

            One of the most important features of XML Web services is that they can be easily accessed over the Internet, but this makes them vulnerable to a series of security threats. What makes security for web services so challenging is their distributed and heterogeneous nature. In this sense, this paper presents an access control system for Web services. We introduce the Semantic Policy Language (SPL) for the description of access control criteria based on the use of attribute certificates. This language has been specifically designed to take advantage of semantic information about resources and the context to achieve full (syntactic and semantic) validation of policies. Furthermore, another objective in its design has been to facilitate the security management. In particular, SPL is modular, enables the abstraction and reuse of components, the composition of SPL policies in an unambiguous way, and the dynamic instantiation of parameters based on semantic properties about resources. Finally, the semantic integration of a Privilege Management Infrastructure (PMI) in access control systems of heterogeneous Web services built upon SPL enables their interoperability.

            Content

            Author and article information

            Contributors
            Conference
            December 2002
            December 2002
            : 1-9
            Affiliations
            [0001]Computer Science Department, University of Málaga, Málaga, Spain
            Article
            10.14236/ewic/EW2002.3
            5515448c-b780-46b4-ba07-f698d9230a27
            © M. I. Yagüe et al. Published by BCS Learning and Development Ltd. EuroWeb 2002 Conference

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            EuroWeb 2002 Conference
            EW
            St Anne’s College, Oxford, UK
            17-18 December 2002
            Electronic Workshops in Computing (eWiC)
            EuroWeb
            Product
            Product Information: 1477-9358BCS Learning & Development
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Comments

            Comment on this article