International Journal of Information and Communication Technology Research

International Journal of Information and Communication Technology Research>> Call for Papers(CFP)>>Volume 7, Number 2, February 2017

International Journal of Information and Communication Technology Research


A Security Framework for Access Control in Web Services

Full Text Pdf Pdf
Author(s) Abolfazl Esfandi, Mehdi Sabbari
On Pages 152-162
Volume No. 4
Issue No. 5
Issue Date May, 2014
Publishing Date May, 2014
Keywords Service Oriented Architecture, Web Services, Access Control, Security Requirements, RBAC, ABAC.


Abstract


In this article, we focus on one of the important aspects of Service Oriented Architecture (SOA), which is access control. The article presents the security requirements that must be followed and it presents a conceptual model of requirements in this field based on the needs. Then since different models such as IBAC? RBAC? ABAC and RAdAC have been presented so far, we try to present comparison between existing models is presented. After it the ABAC modelís structure that is more compatible with SOA is described and there is a comparison between the model and the RBAC model. Since the most important way in implementing SOA is the use of web services, in this article we proposed an architecture for web services in access control to protected services and to adopt some policies on the applications based on ABAC model and SAML standard and XACML languages. The possible activity in the architecture and the implementation stages are explained using use case diagram and sequence diagram in UML.

Seperator
    Journal of Information and Communication Technology | Journal of Science and Technology     
Copyrights
© 2014 IRPN Publishers