Sciweavers

ICWS
2003
IEEE

Access Control in Dynamic XML-Based Web-Services with X-RBAC

14 years 1 months ago
Access Control in Dynamic XML-Based Web-Services with X-RBAC
Policy specification for securing Web services is fast emerging as a key research area due to rapid proliferation of Web services in modern day enterprise applications. Whilst the use of XML technology to support these Web services has resulted in their tremendous growth, it has also introduced a new set of security challenges specific to these Web services. Though there has been recent research in areas of XML-based document security, these challenges have not been addressed within the XML framework. In this paper, we present X-RBAC, an XML-based RBAC policy specification framework for enforcing access control in dynamic XML-based Web services. An X-RBAC system has been implemented as a Java application, and is based on a specification language that addresses specific security requirements of these Web services. We discuss the salient features of the specification language, and present the software architecture of our X-RBAC system.
Rafae Bhatti, James Joshi, Elisa Bertino, Arif Gha
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2003
Where ICWS
Authors Rafae Bhatti, James Joshi, Elisa Bertino, Arif Ghafoor
Comments (0)