A Measurable Approach for Access and Control Modeling in SOA

Full Text (PDF, 176KB), PP.54-59

Views: 0 Downloads: 0

Author(s)

Gu JunKai 1 Han Ling 1 Wang Bo 1

1. College of Geology Engineering and Geomatics, Chang’an University, Xi’an, China

* Corresponding author.

DOI: https://doi.org/10.5815/ijem.2011.02.09

Received: 14 Jan. 2011 / Revised: 7 Feb. 2011 / Accepted: 10 Mar. 2011 / Published: 8 Apr. 2011

Index Terms

Component, SOA, Access control, Trust

Abstract

Service oriented architects (SOA) is considered as an extensible, robust and platform independent web application architect. However, problems in security guard for service access remains unresolved especially for the measurable one. we proposed a novel access control model, which we called SACM: Service Access Control Model, specially for SOA. Our model is mainly based on the role access policy, extended with trust authority transition and integration mechanism, to fulfill an extensive and measurable access control modeling approach with Crypto-CCS.

Cite This Paper

Gu JunKai, Han Ling, Wang Bo,"A Measurable Approach for Access and Control Modeling in SOA", IJEM, vol.1, no.2, pp.54-59, 2011. DOI: 10.5815/ijem.2011.02.09 

Reference

[1] James B. D. Joshi,Walid G. Aref,Arif Ghafoor, Eugene H. Spafford. Security models for web-based applications.Communications of the ACM. ACM New York, NY, USA.44(2).38-44.2001
[2] Ravi S. Sandhu.Lattice-Based Access Control Models. Computer. 26(11).9-19. 1993
[3] D Bell.The bell-lapadula model.Journal of computer security, 1996
[4] Sandhu R, Coyne E J, Feinstein H L, et al. Role-Based access control models[J]. IEEE Computer, 1996, 29(2): 38-47.
[5] Youman C, Sandhu R, Coyne E, et al. Rationale for the RBAC96 family of access control models[A]. In Proc. Of the 1st ACM Workshop on Role-Based Access Control[C]. New York: ACM Press, 1996.
[6] D. Marchignoli and F. Martinelli. Automatic verification of cryptographic protocols through compositional analysis techniques[J]. In TACAS, volume LNCS 1579, pages 148–162. Springer, 1999.
[7] F. Martinelli. Analysis of security protocols as open systems[J]. Theoretical Computer Science, 290(1): 1057–1106, 2003.
[8] Markus Lorch, Seth Proctor, Rebekah Lepro et al. First experiences using XACML for access control in distributed systems.in: Sushil Jajodia, Michiharu Kudo eds[C]. Proceedings of the 2003 ACM Workshop on XML Security. New York, NY, USA: ACM Press, 2003: 25–37.