Access Control Model for Web Services with Attribute Disclosure Restriction

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Vipin Singh Mewar Articles by Subhendu Aich Articles by Shamik Sural

The Second International Conference on Availability, Reliability and Security (ARES'07)

Vienna, Austria

April 10-April 13

ISBN: 0-7695-2775-2

	ASCII Text	x
	Vipin Singh Mewar, Subhendu Aich, Shamik Sural, "Access Control Model for Web Services with Attribute Disclosure Restriction," Availability, Reliability and Security, International Conference on, pp. 524-531, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007.

	BibTex	x
	@article{ 10.1109/ARES.2007.31, author = {Vipin Singh Mewar and Subhendu Aich and Shamik Sural}, title = {Access Control Model for Web Services with Attribute Disclosure Restriction}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2775-2}, pages = {524-531}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2007.31}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Access Control Model for Web Services with Attribute Disclosure Restriction SN - 0-7695-2775-2 SP524 EP531 A1 - Vipin Singh Mewar, A1 - Subhendu Aich, A1 - Shamik Sural, PY - 2007 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Vipin Singh Mewar, Indian Institute of Technology, Kharagpur, India

Subhendu Aich, Indian Institute of Technology, Kharagpur, India

Shamik Sural, Indian Institute of Technology, Kharagpur, India

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2007.31

Web service is a programmable interface accessible through a network. In this paper we focus on the scenario in which different organizations use web services to collaborate, share knowledge, integrate services and for providing value added services to customers. As a test case, we consider health care application in which different hospitals can give various types of services to other hospitals. We find Attribute Based Access Control (ABAC) model to be quite suitable for access control in web services. However, there is a need to enforce user?s security policy to decide only which attributes should be disclosed so that users can reveal their attributes to service providers according to their need. We extend the ABAC model with user attribute disclosure restriction and propose a framework for defining and applying security policies.

Citation:

Vipin Singh Mewar, Subhendu Aich, Shamik Sural, "Access Control Model for Web Services with Attribute Disclosure Restriction," ares, pp.524-531, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.