| The emerging web services technologies has enabled the development of Internet-based applications that integrate distributed and heterogeneous systems and processes which are owned by different organizations.While Web services has been rapidly becoming a fundamental paradigm for developing complex Web applications, several security issues still need to be addressed. Among the various security issues, an important issue is represented by the development of suitable and effective access control models, which are able to restrict access to Web services to authorized users.This paper presents an advanced fine-grained context-aware access control model for Web services. The model is characterized by a number of key features. Firstly, it is derived from the traditional role based control model, including several important factors which are attribute, Web services parameters and context parameters. Secondly, it includes the negotiation capability which can give the user a negotiation proposal when an access request can not be fully accepted. Thirdly, the role mapping mechanism of this model makes it suitable to be used for Web Services Composition.Further more, the paper also outlines the logical architecture of this model and describes one effective implementation method to make it capable for real use. |
PDF Full Text Request