Specification of access control and certification policies for semantic web services

Abstract

Web service providers specify access control policies to restrict access to their Web services. It turned out, that since the Web is an open, distributed and dynamic environment, in which a central controlling instance cannot be assumed, capability based access control is most suitable for this purpose. However, since practically every participant can certify capabilities defined in his/her own terminology, determining the semantics of certified capabilities and the trustworthiness of certification authorities are two major challenges in such a setting. In this paper, we show, (1) how certification authorities and their certification policies can be modeled semantically (2) how Web service providers can specify and check the consistency of their access control policies and (3) how end users can check automatically, whether they have access to a Web service. © Springer-Verlag Berlin Heidelberg 2005.