Sciweavers

INTR
2007

Web services access control architecture incorporating trust

13 years 11 months ago
Web services access control architecture incorporating trust
Purpose – This paper seeks to investigate how the concept of a trust level is used in the access control policy of a web services provider in conjunction with the attributes of users. Design/methodology/approach – A literature review is presented to provide background to the progressive role that trust plays in access control architectures. The web services access control architecture is defined. Findings – The architecture of an access control service of a web service provider consists of three components, namely an authorisation interface, an authorisation manager, and a trust manager. Access control and trust policies are selectively published according to the trust levels of web services requestors. A prototype highlights the incorporation of a trust level in the access control policy as a viable solution to the problem of web services access control, where decisions of an autonomous nature need to
Marijke Coetzee, Jan H. P. Eloff
Added 15 Dec 2010
Updated 15 Dec 2010
Type Journal
Year 2007
Where INTR
Authors Marijke Coetzee, Jan H. P. Eloff
Comments (0)