An Access Control Approach of Multi_Security Domain for Web Service

Semantics-based Access Control Approach for Web Service

Journal of Computers ◽

10.4304/jcp.6.6.1152-1161 ◽

2011 ◽

Vol 6 (6) ◽

Cited By ~ 11

Author(s):

Zhengqiu He ◽

Lifa Wu ◽

Huabo Li ◽

Haiguang Lai ◽

Zheng Hong

Keyword(s):

Access Control ◽

Web Service ◽

Control Approach

Download Full-text

An effective access control approach to support web service security

Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services - iiWAS '09 ◽

10.1145/1806338.1806438 ◽

2009 ◽

Author(s):

Mahdi Sharifi ◽

Homa Movahednejad ◽

Sayed Gholam Hassan Tabatabei ◽

Suhaimi Ibrahim

Keyword(s):

Access Control ◽

Web Service ◽

Control Approach ◽

Web Service Security

Download Full-text

A SRP based handler for web service access control

IEEE International Conference onServices Computing, 2004. (SCC 2004). Proceedings. 2004 ◽

10.1109/scc.2004.1357990 ◽

2004 ◽

Cited By ~ 1

Author(s):

F.O. Silva ◽

J.A.A. Pacheco ◽

P.F. Rosa

Keyword(s):

Access Control ◽

Web Service ◽

Service Access

Download Full-text

IoT-CCAC: a blockchain-based consortium capability access control approach for IoT

PeerJ Computer Science ◽

10.7717/peerj-cs.455 ◽

2021 ◽

Vol 7 ◽

pp. e455

Author(s):

Mohammed Amine Bouras ◽

Boming Xia ◽

Adnan Omer Abuassba ◽

Huansheng Ning ◽

Qinghua Lu

Keyword(s):

Access Control ◽

Single Point ◽

Poor Performance ◽

Sharing Economy ◽

Privacy And Security ◽

Control Approach ◽

Blockchain Technology ◽

Control Schemes ◽

Common Goals ◽

Intrinsic Feature

Access control is a critical aspect for improving the privacy and security of IoT systems. A consortium is a public or private association or a group of two or more institutes, businesses, and companies that collaborate to achieve common goals or form a resource pool to enable the sharing economy aspect. However, most access control methods are based on centralized solutions, which may lead to problems like data leakage and single-point failure. Blockchain technology has its intrinsic feature of distribution, which can be used to tackle the centralized problem of traditional access control schemes. Nevertheless, blockchain itself comes with certain limitations like the lack of scalability and poor performance. To bridge the gap of these problems, here we present a decentralized capability-based access control architecture designed for IoT consortium networks named IoT-CCAC. A blockchain-based database is utilized in our solution for better performance since it exhibits favorable features of both blockchain and conventional databases. The performance of IoT-CCAC is evaluated to demonstrate the superiority of our proposed architecture. IoT-CCAC is a secure, salable, effective solution that meets the enterprise and business’s needs and adaptable for different IoT interoperability scenarios.

Download Full-text

Improvement of Privacy and Security in Hybrid Cloud with Attribute Group Based Access Control

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit19518 ◽

2019 ◽

pp. 57-61

Author(s):

Kayalvili S ◽

Sowmitha V

Keyword(s):

Cloud Computing ◽

Access Control ◽

Data Storage ◽

Service Providers ◽

Cloud Service ◽

Security Requirements ◽

Security And Privacy ◽

Data Outsourcing ◽

Privacy And Security ◽

Control Approach

Cloud computing enables users to accumulate their sensitive data into cloud service providers to achieve scalable services on-demand. Outstanding security requirements arising from this means of data storage and management include data security and privacy. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. Since data outsourcing systems require flexible access control approach Problems arises when sharing confidential corporate data in cloud computing. User-Identity needs to be managed globally and access policies can be defined by several authorities. Data is dual encrypted for more security and to maintain De-Centralization in Multi-Authority environment.

Download Full-text

Using SAML and XACML for Web Service Security&Privacy

Securing Web Services ◽

10.4018/978-1-59904-639-6.ch008 ◽

2008 ◽

pp. 182-205 ◽

Cited By ~ 7

Author(s):

Tuncay Namli ◽

Asuman Dogac

Keyword(s):

Web Services ◽

Access Control ◽

Web Service ◽

User Authentication ◽

Security And Privacy ◽

Web Service Security ◽

Technology Changes ◽

Attribute Information ◽

Healthcare Monitoring ◽

Service Standards

Web service technology changes the way of conducting business by opening their services to the whole business world over the networks. This property of Web services makes the security and privacy issues more important since the access to the services becomes easier. Many Web service standards are emerging to make Web services secure and privacy protected. This chapter discusses two of them; SAML (OASIS, 2005) and XACML (OASIS, 2005). SAML is an XML-based framework for communicating user authentication, entitlement, and attribute information. In other words, SAML handles the user authentication and also carries attribute information for authorization (access control). XACML is the complementary standard of OASIS to make the access control decisions. This work is realized within the scope of the IST 027074 SAPHIRE Project which is an intelligent healthcare monitoring and decision support system.

Download Full-text