Computer and Information Technology, International Conference on (2004)
Sept. 14, 2004 to Sept. 16, 2004
Feng Xu , Nanjing University
Guoyuan Lin , China University of Mining & Technology
Hao Huang , Nanjing University
Li Xie , Nanjing University
This paper first briefly reviews the state of the security technology research and access control in the Web Services environment, and then presents a service-orient role-based access control model and security architecture model for Web Services. In this Security Architecture model, SOAP Proxy is employed to enforce access control for Web Services and security mechanisms are separated from the business logic. In this paper, a new technology is presented to implement the RBAC on the Web Services by designing the secure cookies and secure SOAP messages. Finally, the conclusion is given and the problems are pointed out, which should be resolved in further research.
G. Lin, H. Huang, F. Xu and L. Xie, "Role-Based Access Control System for Web Services," Computer and Information Technology, International Conference on(CIT), Wuhan, China, 2004, pp. 357-362.