Web Services Security Architectures using RoleBased Access Control
Journal Title: International Journal of Computer Science and Information Technologies - Year 2010, Vol 1, Issue 5
Abstract
The Web Services Access controls are categorized according to access control granularity and have two approaches: The first approach supports a negotiation-based attribute-based access control to Web Services with fine access granularity. The second approach is tailored to access control for conversation-based Web services and composite services; where in a Web Service is not considered as a set of independent operations and therefore access control must take such dependencies into account. During a Web Services invocation, a client interacts with the service, performing a sequence of operations in a particular order called conversation. In this paper, we want to propose strategies for analyzing and managing Role Based Access Control policies for designing Security Architectures for web services. We validate role-based access control with a case study, where in access decisions are based on the roles that individual users have as part of an organization. Users take on assigned roles. The process of defining roles should be based on a thorough analysis of how an organization operates and should include input from a wide spectrum of users in an organization. Access rights are grouped by role name, and the use of resources is restricted to individuals authorized to assume the associated role. For example, within a hospital system the role of doctor can include operations to perform diagnosis, prescribe medication, and order laboratory tests; and the role of researcher can be limited to gathering anonymous clinical information for studies. The use of roles to control access can be an effective means for developing and enforcing enterprisespecific security policies, and for streamlining the security management process. Under the RBAC framework, users are granted membership into roles based on their competencies and responsibilities in the organization. The operations that a user is permitted to perform are based on the user's role.
Authors and Affiliations
K. Venkateswar Rao , Dr. M. Srinivasa Rao , K. Mrunalini Devi , Dr. D. Sravan Kumar , M. Upendra Kumar
Keywords
Related Articles
- EP ID EP144907
- DOI -
- Views 83
- Downloads 0
Fault-Tolerance and Permutation Analysis of ASEN and its Variant
High performance computing systems can be designed using parallel processing. The effectiveness of these parallel systems rests primarily on the communication network linking processors and memory mo...
Combined Text Watermarking
There is a vast amount of digital text data exchanged over the internet for the past few years. Such exchanges necessitate a very robust copyright protection mechanism. This paper presents a new idea on how one can effec...
Method to Minimize the Clock Skew and Uniform Clock Distribution using Parallel Port in Pipe Line Based Multi Channel DMA Request Terminal for Frequency Measurement
This paper presents a new wide-range digital speed measurement method with jitter removal technique and using the direct memory access (DMA) terminal count register (TCR). Our work also supports a multi node interfacing...
Detecting Malicious Node in MANET Using Trust Based Cross-Layer Security Protocol
In this paper, we develop a trust based security protocol based on a cross-layer approach which attains confidentiality and authentication of packets in both routing and link layers of MANETs. In the first phase of the p...
A New Hashing and Caching Approach for Minimizing Overall Location Management Cost in Next-Generation Wireless Networks
This paper proposes a new hashing and caching strategy (NHC) in order to reduce the overall location management cost in wireless mobile networks. It uses caches whose up-to-date information is responsible for dropping th...