Journal Article10.4018/JWSR.2010010101
Enhancing Security Modeling for Web Services Using Delegation and Pass-On
21
TL;DR: An enhanced security model to control the information flow in service chains is proposed by extending the basic web service security models by introducing the concepts of delegation and pass-on.
read more
Abstract: In recent years, security issues in web service environments have been widely studied and various security standards and models have been proposed. However, most of these standards and models focus on individual web services and do not consider the security issues in composite services. In this article, the authors propose an enhanced security model to control the information flow in service chains. It extends the basic web service security models by introducing the concepts of delegation and pass-on. Based on these concepts, new certificates, certificate chains, delegation and pass-on policies, and how they are used to control the information flow are discussed. The authors also introduce a case study from a healthcare information system to illustrate the protocols.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
USDL: A Service-Semantics Description Language for Automatic Service Discovery and Composition
TL;DR: An infrastructure using USDL (Universal Service-Semantics Description Language), a language for formally describing the semantics of Web services, which can be regarded as formal service documentation that will allow sophisticated conceptual modeling and searching of available Web Services, automated service composition, and other forms of automated service integration.
46
Improving Web Service Security and Privacy
Xinfeng Ye,Lei Zhong +1 more
- 04 Jul 2011
TL;DR: A scheme that allows the webservice providers to carry out fine-grained access control on the data hosted by them and automatically detects the data flows that might lead to attacks on online services is proposed.
10
A new security framework against Web services' XML attacks in SOA
Narges Shahgholi,Mir Ali Seyyedi,Mehran Mohsenzadeh,Saleh Hafez Qorani +3 more
- 01 Dec 2011
TL;DR: A new security framework is proposed which aims to defend main XML threats, especially WSDL attacks in an SOA environment, for the first time that such a practical solution has been offered.
9
A Robust Framework for Securing Composed Web Services
Najah Ben Said,Takoua Abdellatif,Saddek Bensalem,Marius Bozga +3 more
- 14 Oct 2015
TL;DR: A framework that automatically checks and configures data security in Web Services starting from high level business requirements and illustrating its utility to solve intricate security problems using a smart grid application is illustrated.
SEWSEC: A Secure Web Service Composer using Information Flow Control
Hela Zorgati,Takoua Abdellatif +1 more
- 26 Sep 2011
TL;DR: SEWSEC is a Secure Web Service Composer that assists the system designer to secure his composed Web Services by abstracting the system to a hierarchy of dependence graphs and applying an Information Flow Control verifying that the configuration ensures an end-to-end security.
7
References
The UCONABC usage control model
Jaehong Park,Ravi Sandhu +1 more
TL;DR: This paper introduces the family of UCONABC models for usage control (UCON), which integrate Authorizations, oBligations, and Conditions (C), and addresses the essence of U CON, leaving administration, delegation, and other important but second-order issues for later work.
PBDM: a flexible delegation model in RBAC
Xinwen Zhang,Sejong Oh,Ravi Sandhu +2 more
- 02 Jun 2003
TL;DR: This paper proposes a flexible delegation model named Permission-based Delegation Model (PBDM), which is built on the well known RBAC96 model, and supports both role and permission level delegation, which provides great flexibility in authority management.
240
A Role-Based Delegation Model and Some Extensions
Ezedin Barka,Ravi Sandhu +1 more
- 01 Jan 2000
TL;DR: This paper proposes a simple but practically useful model for delegation called RBDM0 (role-based delegation model zero), and explores some extensions to R BDM0 including issues of revocation, partial delegation, multiple step delegation, and delegation with hierarchical roles.
189
Security Conscious Web Service Composition
Barbara Carminati,Elena Ferrari,Patrick C. K. Hung +2 more
- 18 Sep 2006
TL;DR: This paper proposes a method for modeling security constraints and a brokered architecture to build composite Web services according to the specified security constraints.
Supporting conditional delegation in secure workflow management systems
Vijayalakshmi Atluri,Janice Warner +1 more
- 01 Jun 2005
TL;DR: The notion of delegation is extended to allow for such conditional delegation, where the delegation conditions can be based on time, workload and task attributes, which addresses the problem of assigning users to tasks in a consistent manner such that none of the constraints are violated.
93
Related Papers (5)
Kenny Khoo,Lina Zhou +1 more
- 01 Jan 2004
Bhavani Thuraisingham
- 19 Apr 2016
Paloma Díaz,Ignacio Aedo,Fivos Panetsos +2 more
- 01 Jun 2000