Workflow-based dynamic access control in a service-oriented architecture

Gwan Hwan Hwang*, Chi Wu-Lee, Zhong Xiang Jiang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

In this paper we propose a novel access control model called workflow-based dynamic access control (WBDAC) for SOA and workflow-based systems. Besides regulating the access control according to the dynamic behavior of workflow processes, the WBDAC is based on the idea of creating transient policies dynamically so as to alleviate the role- and rule-explosion problems in RBAC and ABAC. We define a logical expression language of WBDAC called the dynamic access control language for an SOA (DACL4SOA). We have also designed an architecture to support the DACL4SOA in SOA systems based on the Business Process Execution Language and the Extensible Access Control Markup Language. The presented implementation and experimental results demonstrate the feasibility of the proposed model.

Original languageEnglish
Title of host publicationProceedings - 26th IEEE International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012
Pages47-52
Number of pages6
DOIs
Publication statusPublished - 2012
Event26th IEEE International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012 - Fukuoka, Japan
Duration: 2012 Mar 262012 Mar 29

Publication series

NameProceedings - 26th IEEE International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012

Other

Other26th IEEE International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012
Country/TerritoryJapan
CityFukuoka
Period2012/03/262012/03/29

Keywords

  • Access Control Model
  • BPEL
  • SOA
  • Web Services
  • Workflow

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems

Fingerprint

Dive into the research topics of 'Workflow-based dynamic access control in a service-oriented architecture'. Together they form a unique fingerprint.

Cite this