Action-Based Access Control for Web Services
Web services over the Internet are widely used nowadays. The problem of secure access to Web-based systems is of great importance naturally. Compared with the existing models, the Action-Based Access Control (ABAC) model is the most suitable to control the access on Web services. In this paper, the ABAC model is introduced. Then, the security architecture of ABAC for Web services is proposed. In the architecture, the Action server manages the action information, the Domain server determines the security rank of request resources, and the Resource server storing the resources with different security ranks responses the request from the user. The cookie is extended with security properties.
access control security Web service cookie
Fenghua Li Wei Wang Jianfeng Ma Haoxin Su
Key Laboratory of Computer Networks and Information Security (Ministry of Education),Xidian Universi Key Laboratory of Computer Networks and Information Security (Ministry of Education),Xidian Universi Key Laboratory of Computer Networks and Information Security (Ministry of Education),Xidian Universi
国际会议
The Fifth International Conference on Information Assurance and Security(第五届信息保障与安全国际会议)
西安
英文
637-642
2009-08-18(万方平台首次上网日期,不代表论文的发表时间)