Context-aware Access Control Policy Research for Web Service
Abstract
Web service environment is characterized by its openness and distribution, in which the interacting entities usually have little knowledge about each other and may be in different domains, so the access control for web service has become a challenging problem that needs to be addressed properly. In this paper, an access control policy model based on context and role is proposed that can be appropriate for web service. The model takes context as the center to define and perform access control policies. It uses the contexts of user, environment and resource to execute dynamic roles assignment and constrain the authorization decision. Furthermore, Description Logic is adopted as the policy language to formalize the model. A series of access control policy axioms are defined and the reasoning method is proposed. Experiment result has proved the feasibility and validity of the presented method.
Metrics
Citation History
Topics
Related Documents
CASA - Context-Aware Service Access
Philipp LehstenSebastian BaderDjamshid Tavangarian
Context-Aware Policy Enforcement for PaaS-Enabled Access Control
Yiannis VerginadisIoannis PatiniotakisPanagiotis GouvasSpyros MantzouratosSimeon VeloudisSebastian SchorkLudwig SeitzluwigIraklis ParaskakisGregoris Mentzas
iPri: Context-Aware Access Control and Privacy Policy Recommendation
Guoyun LiYaozhi ZhangXianqi YuYuqing Sun
Context Aware Service Policy Orchestration
Yu ZhouXin Peng LiuEduardo KahanXi Ning WangLiang XueKe Zhou
A context-aware access control framework for e-service provision
V. KapsalisDimitris KarelisLoukas HadellisGeorge Α. Papadopoulos