Access control enforcement for conversation-based web services
- 23 May 2006
- conference paper
- Published by Association for Computing Machinery (ACM)
- p. 257-266
- https://doi.org/10.1145/1135777.1135818
Abstract
Service Oriented Computing is emerging as the main approach to build distributed enterprise applications on the Web. The widespread use of Web services is hindered by the lack of adequate security and privacy support. In this paper, we present a novel framework for enforcing access control in conversation-based Web services. Our approach takes into account the conversational nature of Web services. This is in contrast with existing approaches to access control enforcement that assume a Web service as a set of independent operations. Furthermore, our approach achieves a tradeoff between the need to protect Web service's access control policies and the need to disclose to clients the portion of access control policies related to the conversations they are interested in. This is important to avoid situations where the client cannot progress in the conversation due to the lack of required security requirements. We introduce the concept of k-trustworthiness that defines the conversations for which a client can provide credentials maximizing the likelihood that it will eventually hit a final state.
This publication has 12 references indexed in Scilit:
- AUTOMATIC SERVICE COMPOSITION BASED ON BEHAVIORAL DESCRIPTIONS. International Journal of Cooperative Information Systems, 2005
- Protocol engineering for web services conversations. Engineering Applications of Artificial Intelligence, 2005
- Interactive Credential Negotiation for Stateful Business Processes. Lecture Notes in Computer Science, 2005
- When are Two Web Services Compatible? Lecture Notes in Computer Science, 2005
- ABSTRACTING AND ENFORCING WEB SERVICE PROTOCOLS. International Journal of Cooperative Information Systems, 2004
- Web service conversation modeling: a cornerstone for e-business automation. IEEE Internet Computing, 2004
- An efficient algorithm for computing bisimulation equivalence. Theoretical Computer Science, 2004
- An access control language for web services. Published by Association for Computing Machinery (ACM), 2002
- On finding the strongly connected components in a directed graph. Information Processing Letters, 1994
- Depth-First Search and Linear Graph Algorithms. SIAM Journal on Computing, 1972