Interactive access control for web services

25Citations
Citations of this article
13Readers
Mendeley users who have this article in their library.

Abstract

Business Processes for Web Services (BPEL4WS) are the new paradigms for lightweight enterprise integration. They cross organizational boundaries and are provided by entities that see each other just as business partners. Web services require shift in the access control mechanism: from identity-based access control to trust management and negotiation, but thi s is not enough for cross organizational busin ess processes. For many businesses no partner may guess apriori what kind of credentials will be sent by clients and clients may not know apriori which credentials are required for completing a business process. We pro pose a logical framework for reasoning about access control for BPEL4WS and a BPEL4WS based implementation usin g Collaxa server. Our model is based on int eraction a nd exchange of requ ests for supplying or declining missing crede nt ials. We identify the formal reasoning services (deduction, abduct ion, consiste ncy checking) that characterise problem and discuss their implementation. © 2004 by Springer Science+Business Media Dordrecht.

Cite

CITATION STYLE

APA

Koshutanski, H., & Massaeci, F. (2004). Interactive access control for web services. In IFIP Advances in Information and Communication Technology (Vol. 147, pp. 151–166). Springer New York LLC. https://doi.org/10.1007/1-4020-8143-x_10

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free