Sciweavers

CSSE
2004
IEEE

A comparison of modeling strategies in defining XML-based access control languages

13 years 11 months ago
A comparison of modeling strategies in defining XML-based access control languages
One of the most important features of XML-based Web services is that they can be easily accessed over the Internet, but this makes them vulnerable to a series of security threats. What makes security for web services so challenging is their distributed and heterogeneous nature. Access control policy specification for controlling access to Web services is then becoming an emergent research area due to the rapid development of Web services in modern economy. Two relevant access control languages using XML are WS-Policy and XACML. The main conceptual difference between these two languages is that while XACML is based on a well-defined model that provides a formal representation of the access control security policy and its working, WS-Policy has been developed without taking into consideration this modeling phase. In this paper, we critique WS-Policy pointing out some of its shortcomings. We then describe the architecture we implemented and that offers an interface for controlling access...
Claudio Agostino Ardagna, Sabrina De Capitani di V
Added 17 Dec 2010
Updated 17 Dec 2010
Type Journal
Year 2004
Where CSSE
Authors Claudio Agostino Ardagna, Sabrina De Capitani di Vimercati
Comments (0)