具有属性披露限制的Web服务访问控制模型

The Second International Conference on Availability, Reliability and Security (ARES'07) Pub Date : 2007-04-10 DOI:10.1109/ARES.2007.31

Vipin Singh Mewar, Subhendu Aich, S. Sural

{"title":"具有属性披露限制的Web服务访问控制模型","authors":"Vipin Singh Mewar, Subhendu Aich, S. Sural","doi":"10.1109/ARES.2007.31","DOIUrl":null,"url":null,"abstract":"Web service is a programmable interface accessible through a network. In this paper we focus on the scenario in which different organizations use Web services to collaborate, share knowledge, integrate services and for providing value added services to customers. As a test case, we consider health care application in which different hospitals can give various types of services to other hospitals. We find attribute based access control (ABAC) model to be quite suitable for access control in Web services. However, there is a need to enforce user's security policy to decide only which attributes should be disclosed so that users can reveal their attributes to service providers according to their need. We extend the ABAC model with user attribute disclosure restriction and propose a framework for defining and applying security policies","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"Access Control Model for Web Services with Attribute Disclosure Restriction\",\"authors\":\"Vipin Singh Mewar, Subhendu Aich, S. Sural\",\"doi\":\"10.1109/ARES.2007.31\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Web service is a programmable interface accessible through a network. In this paper we focus on the scenario in which different organizations use Web services to collaborate, share knowledge, integrate services and for providing value added services to customers. As a test case, we consider health care application in which different hospitals can give various types of services to other hospitals. We find attribute based access control (ABAC) model to be quite suitable for access control in Web services. However, there is a need to enforce user's security policy to decide only which attributes should be disclosed so that users can reveal their attributes to service providers according to their need. We extend the ABAC model with user attribute disclosure restriction and propose a framework for defining and applying security policies\",\"PeriodicalId\":383015,\"journal\":{\"name\":\"The Second International Conference on Availability, Reliability and Security (ARES'07)\",\"volume\":\"18 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-04-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The Second International Conference on Availability, Reliability and Security (ARES'07)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2007.31\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Second International Conference on Availability, Reliability and Security (ARES'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2007.31","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

摘要

Web服务是可通过网络访问的可编程接口。在本文中，我们将重点关注不同组织使用Web服务进行协作、共享知识、集成服务以及为客户提供增值服务的场景。作为测试用例，我们考虑一个医疗保健应用程序，其中不同的医院可以向其他医院提供不同类型的服务。我们发现基于属性的访问控制(ABAC)模型非常适合于Web服务中的访问控制。但是，需要强制执行用户的安全策略，以决定应该公开哪些属性，以便用户可以根据需要向服务提供者显示其属性。我们将ABAC模型扩展为用户属性披露限制，并提出了一个定义和应用安全策略的框架

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Access Control Model for Web Services with Attribute Disclosure Restriction

Web service is a programmable interface accessible through a network. In this paper we focus on the scenario in which different organizations use Web services to collaborate, share knowledge, integrate services and for providing value added services to customers. As a test case, we consider health care application in which different hospitals can give various types of services to other hospitals. We find attribute based access control (ABAC) model to be quite suitable for access control in Web services. However, there is a need to enforce user's security policy to decide only which attributes should be disclosed so that users can reveal their attributes to service providers according to their need. We extend the ABAC model with user attribute disclosure restriction and propose a framework for defining and applying security policies

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

The Second International Conference on Availability, Reliability and Security (ARES'07)

自引率

0.00%

发文量