Organization-Based Access Control Model For Web Services In E-government

After decades of development, E-government of China has become large-scale,an d is currently in rapid development period because of the country’s highly attention. However, the early unplanned, disorganized constructing led interconnection between di fferent e-government application systems which are builded by some departments to be difficult. With the progress of time, legacy e-government application systems increasi ngly unable to meet the service needs of the public. Therefore, people will try to use Web services technology to integrate legacy systems or reconstruction, so as to provi de the public with more convenient, efficient, high-quality government services.However, in the e-government system based on Web services, the openness of W eb service itself and dynamism of accessible subjects and objects bring security of sys tems big security risk. Existing access control technologies are difficult to ensure secu rity and flexibility authorization of E-government systems based on Web service.To solve the problem of access control and authorization management system We b-based e-government services, the paper analyses the organizational structure of gover nment, e-government system itself as well as the characteristics of a Web-based servic e access control features, and then proposed a organization-based access control model for Web services(WS-OBAC) on the basis of the research of the organization-based4level access control model(OB4LAC).The model takes organization as the core and studies the issue of access control and authorization management from the perspective of management. Through importing the position agent and authorization unit in the model, the authorization could be adj usted according to the change of the environment context information to implement th e dynamic authorization, while taking advantage of the state migration of authorization units, provides support for workflow patterns. Furthermore, the model divides permiss ions into service permissions and service attribute permissions, achieves fine-grained re source protection.Meanwhile, the paper also proposes the WS-OBAC management model(AWS-OB AC), to manage assignment relations among elements such as posts, roles, service pe rmissions and so on in model and hierarchy relations of posts and roles. Finally, the paper explores the application of WS-OBAC model in e-government s ystems, and analysises and designs the authorization management system based on WS-OBAC model, then verifies scientific and practicality of model by practical applicatio n cases.WS-OBAC model is proposed in this paper can be in line with the complex stru cture of e-government system, while protecting Web service resources, make the autho rity more efficient, flexible, so as to ensure the smooth construction of e-government systems based on Web service.