EXACML: An Extended XACML Model to Ensure Secure Information Access in Web Services
碩士 === 國立東華大學 === 資訊工程學系 === 96 === More and more software systems based on web services have been developed. Web service development techniques are thus becoming crucial. To ensure secure information access, access control should be taken into consideration when developing web services. This paper...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | zh-TW |
| Published: |
2008
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/38gju5 |
| Summary: | 碩士 === 國立東華大學 === 資訊工程學系 === 96 === More and more software systems based on web services have been developed. Web service development techniques are thus becoming crucial. To ensure secure information access, access control should be taken into consideration when developing web services. This paper proposes an extended XACML model named EXACML to ensure secure information access for web services. It is based on the technique of information flow control. Primary features offered by the model are: (1) both the information of requesters and that of web services are protected, (2) the access control of web services is more flexible than just “allow or reject” policy in the original XACML model, and (3) the model will deny non-secure information access during the execution of a web service even when a requester is allowed to invoke the web service.
|
|---|