CFP last date
20 May 2024
Call for Paper
June Edition
IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper
Know more
The week's pick
Responsive image
Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin
Random Articles
Reseach Article

Deploying Access Control using Extended XACML in Open Web Service Environment

by Thirumaran.m, Dhavachelvan.p, Divya.a
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 47 - Number 5
Year of Publication: 2012
Authors: Thirumaran.m, Dhavachelvan.p, Divya.a
10.5120/7181-9875

Thirumaran.m, Dhavachelvan.p, Divya.a . Deploying Access Control using Extended XACML in Open Web Service Environment. International Journal of Computer Applications. 47, 5 ( June 2012), 1-5. DOI=10.5120/7181-9875

@article{ 10.5120/7181-9875,
author = { Thirumaran.m, Dhavachelvan.p, Divya.a },
title = { Deploying Access Control using Extended XACML in Open Web Service Environment },
journal = { International Journal of Computer Applications },
issue_date = { June 2012 },
volume = { 47 },
number = { 5 },
month = { June },
year = { 2012 },
issn = { 0975-8887 },
pages = { 1-5 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume47/number5/7181-9875/ },
doi = { 10.5120/7181-9875 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:41:04.077481+05:30
%A Thirumaran.m
%A Dhavachelvan.p
%A Divya.a
%T Deploying Access Control using Extended XACML in Open Web Service Environment
%J International Journal of Computer Applications
%@ 0975-8887
%V 47
%N 5
%P 1-5
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Now a days web services have a greater role in development of software systems. Generally, web server wants to determine which access can be granted and communicate with requesterfor open web service environment. These systems are designed to be open and web servers does not have determined conditions for communicate to the access requester. Such consideration makes traditional access control not applicable, which depends upon requester identification and authentication. Typically, XACML language is proposed for define the access control policy. It does not support novel features and not suitable in practice. In this paper, we extend the current XACML by providing novel features for controlling access in interoperable and flexible way, and then illustrate how such concepts can be deployed. Also, extend the standard XACML architecture to incorporate the new features for open web service systems

References
  1. C. A. Ardagna, S. De Capitani di Vimercati, S. Paraboschi, E. Pedrini, P. Samarati and M. Verdicchio, "Expressive and Deployable Access Control in Open Web Service Applications", IEEE Transactions On Services Computing, 2010.
  2. Rodolfo Ferrini and Elisa Bertino, "Supporting RBAC with XACML+OWL", ACM,June, pp. 145-154, 2009.
  3. Kyu Il Kim, Hyuk Jin Ko, Won Gil Choi, EunJu Lee, and Ung Mo Kim, "A Collaborative Access Control based on XACML in Pervasive Environments" , in proceedings of the International Conference on Convergence and Hybrid Information Technology, IEEE Computer Society, 2008.
  4. XuFeng, Lin Guoyuan, Huang Hao, and Xie Li, "Role-based Access Control System for Web Services", in Proceedings of the Fourth International Conference on Computer and Information Technology, IEEE, 2004.
  5. SitaramanLakshminarayanan, "Interoperable security standards for web services", IEEE Computer Society, October, 2010.
  6. Han Tao, "A XACML-based Access Control Model for Web Service", IEEE, 2005
  7. NI Jun, CHEN Xiao-su?WU Jin-hu and LIU Hui-yu," Research on Hierarchical Policy-based Access Control Model for Web Services", IEEE, 2009
  8. RafaeBhatti Elisa BertinoArifGhafoo, and James B. D. Joshi, "XML-Based Specification for Web Services Document Security", IEEE Computer Society, April, 2004.
  9. P. Ashley, S. Hada, G. Karjoth, C. Powers, and M. Schunter, Enterprise Privacy Authorization Language (EPAL), Research Report RZ 3485, IBM Research, March,2003.
  10. Eric Yuan and Jin Tong, "Attributed Based Access Control (ABAC) for Web Services", in Proceedings of the IEEE International Conference on Web Services, IEEE, 2005
  11. R. Bhatti, J. B. D. Joshi, E. Bertino, A. Ghafoor, "Access Control in Dynamic XML-based Web-Services with XRBAC", In proceedings of The First International Conference on Web Services, Las Vegas, June 23-26, 2003
  12. Shih-Chien Chou and Chun-Hao Huang, "An extended XACML model to ensure secure information access for web services" , The Journal of system software, pp. 77-84, 2010
  13. JeeHyun Hwang, Tao Xie and Vincent C. Hu, "Detection of Multiple-Duty-Related Security Leakage in Access Control Policies", In proceeding of the IEEE conference on Secure Software Integration and Reliability Improvement, 2009
  14. Dong Seong Kim, Taek-Hyun Shin and Jong Sou Park, "Access Control and Authorization for Security of RFID Multi-Domain Using SAML and XACML",IEEE, 2006
  15. Yun-qing Fu and Chun-xiao Ye, "Using XACML to define access control policy in information system" , in proceeding of the IEEE international conference on wireless mobile and sensor network, 2007.
Index Terms

Computer Science
Information Sciences

Keywords

Access Control Web Service Policy Evaluation Engine Xacml Policy Decision Point Abac

Powered by PhDFocusTM