Semantics-based Access Control Approach for Web Service

He, Zhengqiu; Wu, Lifa; Li, Huabo; Lai, Haiguang; Hong, Zheng

doi:10.4304/jcp.6.6.1152-1161

Cited by 17 publications

(20 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several research efforts (e.g., [1], [5], [8], [11]) have adopted and extended the Rolebased Access Control (RBAC) approach for access control to software services. Some of these efforts (e.g., [1]) incorporate specific types of contexts such as location and time.…”

Section: Related Work and Discussionmentioning

confidence: 99%

“…They consider user and resource attributes as the context constraints. He et al [5] have considered access control for Web service based on the user role and presented a CAAC policy model considering the user, resource and environment concepts. These approaches consider specific types of contexts which are not general enough in dynamic environments.…”

Section: Related Work and Discussionmentioning

confidence: 99%

“…A number of context-sensitive access control approaches have highlighted the importance and use of context information in the access control processes (e.g., [3], [5], [6], [8], [11]). However, the existing approaches to access control have only considered specific types of context information.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An Ontology-Based Approach to Context-Aware Access Control for Software Services

Kayes

Han

Colman

2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. In modern communication environments, the ability to provide access control to services in a context-aware manner is crucial. By leveraging the dynamically changing context information, we can achieve context-specific control over access to services, better satisfying the security and privacy requirements of the stakeholders. In this paper, we introduce a new Context-Aware Access Control (CAAC) Framework that adopts an ontological approach in modelling dynamic context information and the corresponding CAAC policies. It includes a context model specific to access control, capturing the relevant low-level context information and inferring the high-level implicit context information. Using the context model, the policy model of the framework provides support for specifying and enforcing CAAC policies. We have developed a prototype and presented a healthcare case study to realise the framework.

show abstract

Section: Related Work and Discussionmentioning

confidence: 99%

Section: Related Work and Discussionmentioning

confidence: 99%

See 1 more Smart Citation

An Ontology-Based Approach to Context-Aware Access Control for Software Services

Kayes

Han

Colman

2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…During the past decades, a number of research efforts have extended the basic RBAC approach [7] by incorporating some specific types of contextual information: temporal information (e. g., [11,12]), spatial information (e.g., [13]), and both the time and location (e.g., [14]). Recently, Kulkarni et al [15], He et al [16], Huang et al [17], and Schefer-Wenzl et al [18] have adopted and extended the basic RBAC approach with some further contextual information from other than the temporal and spatial dimensions, including the resource and environment dimensions as well as the user dimension. Several research efforts (e.g., [19][20][21][22]) extend the basic ABAC approach with context-awareness by modelling contextual aspects of the user, resource and environment dimensions as attributes.…”

Section: Introductionmentioning

confidence: 99%

An ontological framework for situation-aware access control of software services

Kayes

Han

Colman

2015

Information Systems

View full text Add to dashboard Cite

“…Due to page limitation few popular approaches are mentioned here. Most commonly used access model are -role based access model (RBAC) [1] and attribute based access (ABAC) model [1]. However major drawback of these types of access models is objects are assigned to subjects in a static manner that cannot be changed with the change of environment.…”

Section: Related Workmentioning

confidence: 99%

Context and Trust Aware Workflow Oriented Access Framework

Bhattasali

Chaki

et al. 2016

International Conferences on Software Engineering and Knowledge Engineering

View full text Add to dashboard Cite

Abstract-Service oriented computing (SoC) changes the way of conducting business as these services are often available on a network. As traditional access control approach may not work in the changed environment, protecting business resource from misuse is a big challenge. Again, static allocation of access right to users will not be an efficient solution as SoC environment changes with time. This paper focuses on design of dynamic access control approach for business process. Here, we propose a context and trust aware workflow oriented access framework. Proposed approach focuses on inter-component relationship where phases are executed either in online or offline mode to avoid performance bottleneck. The concept of static binding in role based access model is extended to support dynamic access control by including context awareness and trust relationship between owner and user. Trust is either directly or indirectly dependent on service level agreement (SLA) compliance, quality of service, reputation and provenance (historical data). In this paper, the framework is designed by mapping proposed access model to workflow instances at run-time. It is validated by workflow net model, where workflow instance can be successfully executed without any interruption and can satisfy soundness property while incorporating proposed access control approach.

show abstract

Semantics-based Access Control Approach for Web Service

Cited by 17 publications

References 16 publications

An Ontology-Based Approach to Context-Aware Access Control for Software Services

An Ontology-Based Approach to Context-Aware Access Control for Software Services

An ontological framework for situation-aware access control of software services

Context and Trust Aware Workflow Oriented Access Framework

Contact Info

Product

Resources

About