Constructing a Highly Efficient Integrated Access Control Scheme for Web Services

• Main Authors: Mei-chih Hwang, 黃美治
• Other Authors: Woei-Jiunn Tsaur
• Format: Others
• Language: zh-TW
• Published: 2006
• Online Access: http://ndltd.ncl.edu.tw/handle/67212327336953416621

碩士 === 大葉大學 === 資訊管理學系碩士在職專班 === 94 === Web services technology is an extreme efficient structure of information system for promoting enterprises to lower operating cost and raise profits. Nevertheless, with the pluralism of trading platforms, the security of transmitting message and how to execute the access control for information systems will become an important issue for securing the web service environment. Using certificate-based public key cryptosystems to solve the problems related to the demand of security under the current environment of web services causes rather complicated identity verifying and management. The methods of access control in operation can be divided into two kinds. One is that each user must register at different web sites, and therefore the system administrator will be busy in establishing the authority connection for these users; the other is at one specific web site, but every single site is connected with the others through the way of “loosely coupled”, but user may face the problem of different level of authority from a variety of web domains. For this reason, in the thesis the mechanism of integrated access control with high efficiency is constructed using the ECC-based self-certified public key cryptosystems and role-based access control scheme. The proposed mechanism can identify the user without employing certificates, and solve the limits of access authority across different web domains without any influence upon current system operations. Furthermore, after the comparisons with the current access control schemes for web services, we can find the proposed one will be superior to the others in terms of security and efficiency. We affirm that the proposed scheme will be able to lower the cost of maintenance and lighten the burden of system administrator, and thus promote the efficiency of access control to web services environments.