A dynamic context-aware access control architecture for e-services

Computers and Security

Volumn 25, Issue 7, 2006, Pages 507-521

  Kapsalis, Vassilis ^a   Hadellis, Loukas ^b   Karelis, Dimitris ^b   Koubias, Stavros ^c  

^a INDUSTRIAL SYSTEMS INSTITUTE   (Greece)

^b TECHNOLOGICAL EDUCATIONAL INSTITUTE OF PATRAS   (Greece)

^c UNIVERSITY OF PATRAS   (Greece)

Author keywords

Access control; Authorization; Context aware; e Services; UML; Web services

Indexed keywords

COMPUTER ARCHITECTURE; CONSTRAINT THEORY; INTERNET; SECURITY OF DATA; TELECOMMUNICATION SERVICES; WORLD WIDE WEB; XML;

ACCESS CONTROL; AUTHORIZATION; CONTEXT-AWARE; E-SERVICES; WEB SERVICES;

ELECTRONIC COMMUNITIES;

EID: 33751019635     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2006.05.004     Document Type: Article

References (22)

1. Adam N.R., Atluri V., Bertino E., and Ferrari E. A content-based authorization model for digital libraries. IEEE Trans Knowl Data Eng 14 2 (March 2002) 296-315
2. Anderson Anne. An introduction to the web services policy language (WSPL). In: The fifth IEEE international workshop on policies for distributed systems and networks, Yorktown Heights, New York; 7-9 June 2004.
3. Bertino E., Bonatti P.A., and Ferrari E. TRBAC: a temporal role-based access control model. ACM Trans Inf Syst Secur 4 3 (August 2001) 191-223
4. Bhatti R. X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control, Masters thesis, Purdue University; May 2003.
5. Coetzee M., and Eloff J.H.P. Towards web services access control. J Comput Secur 23 (June 2004) 559-570
6. Covington Michael J, Fogla Prahald, Zhan Zhiyuan, Ahamad Mustaque. A context-aware security architecture for emerging applications. In: Proceedings of the annual computer security applications conference (ACSAC), Las Vegas, Nevada, USA; December 2002.
7. Damianou N, et al. A survey of policy specification approaches, ; September 2002.
8. Dey Anind K, Abowd Gregory D. Towards a better understanding of context and context-awareness. In: Workshop on the what, who, where, when, and how of context-awareness, as part of the 2000 conference on human factors in computing systems (CHI 2000), The Hague, The Netherlands; April 3, 2000.
9. eXtensible Access Control Markup Language (XACML) Version 2.0, ; December 2004.
10. Georgiadis Christos K, Mavridis Ioannis, Pangalos George, Thomas Roshnan K. Flexible team-based access control using contexts. In: Proceedings of the sixth ACM symposium on access control models and technologies, Chantilly, Virginia, USA; May 2001.
11. IETF: the internet engineering task force, A framework for policy-based admission control, ; January 2000.
12. Joshi JBD, Bertino Elisa, Latif Usman, Ghafoor Arif. Generalized temporal role based access control model (GTRBAC) (Part I) - specification and modelling. Technical report, CERIAS 2001-47, Purdue University; 2001.
13. Kapsalis V., et al. A SOAP-based system for the provision of e-services. Comput Stand Interfaces, 0920-5489 26 6 (October 2004) 527-541 [Elsevier Science BV]
14. Kumar A., Karnik N., and Chafle G. Context sensitivity in role-based access control. ACM SIGOPS Oper Syst Rev 36 3 (July 2002)
15. Neumann Gustaf, Strembeck Mark. An approach to engineer and enforce context constraints in an RBAC environment. In: Proceedings of the eighth ACM symposium on access control models and technologies, Como, Italy; June 2003.
16. Ogden Frank. Web services: the future of building automation? The industrial Ethernet book. Issue 23; November 2004. .
17. OPC Foundation. OPC XML-DA specification, v1.0 (2003).
18. Sandhu R., Ferraiolo D., and Kuhn R. The nist model for role-based access control: towards a unified standard. Proceedings of ACM workshop on role-based access control (July 2000), ACM
19. Thomas RK, Shandu RS. Task-based authorization controls (TBAC): a family of models for active and enterprise-oriented authorization management. In: Proceeding of the IFIP WG11.3 workshop on database security, Lake Thaoe, California; August 11-13, 1997.
20. Web Services Description Language (WSDL) 1.1, ; March 2001.
21. Web Services Policy Framework (WS-Policy), ; September 2004.
22. Zhang G., and Parashar M. Dynamic context-aware access control for grid applications. Proceedings of the fourth international workshop on grid computing (grid 2003), Phoenix, AZ, USA (November 2003), IEEE Computer Society Press 101-108