A metadata‐based access control model for web services
Abstract
Purpose
To provide a secure solution for web services (WS). A new interoperable and distributed access control model for WS is presented.
Design/methodology/approach
The approach is based on the separation of the access control (AC) and authorization functions.
Findings
The mechanisms presented allow seamless integration of external authorization entities into the AC system. The Semantic Policy Language (SPL) developed facilitates the specification of policies and their semantic validation. SPL specifications are modular and can be composed without ambiguity. The problem of associating policies with resources (WS or their operations) in a dynamic, flexible and automated way is also addressed.
Research limitations/implications
The ACProxy component is currently under development. Ongoing work is focused on achieving a richer “use control” for some types of WS.
Practical implications
Administrators of WS can specify AC policies and validate them to find syntactic and semantic errors. Components for automated validation of policies at different levels are included. This ensures that the AC policies produce the desired effects, facilitating the creation and maintenance of policies. It also provides mechanisms for the use of interoperable authorizations.
Originality/value
The paper presents a practical system that provides a secure solution to AC for WS. To the best of the authors' knowledge, no other system provides mechanisms for semantic validation of policies based on external authorization entities. Likewise, the mechanisms for interoperability of external authorization entities are also novel. The system provides content‐based access control and a secure, decentralized and dynamic solution for authorization that facilitates the management of complex systems and enhances the overall security of the AC.
Citation
Yagüe, M.I., Maña, A. and Lopez, J. (2005), "A metadata‐based access control model for web services", Internet Research, Vol. 15 No. 1, pp. 99-116. https://doi.org/10.1108/10662240510577095
Publisher
Emerald Group Publishing Limited
Copyright © 2005, Emerald Group Publishing Limited