Managing Conflict of Interest in Service Composition

  • Conference paper
On the Move to Meaningful Internet Systems: OTM 2010 (OTM 2010)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 6426)

Abstract

Web services can be composed of other services in a highly dynamic manner. Existing role-based authorization approaches have not adequately taken component services into account when managing access control for composite services. In this paper, we propose a service-oriented conceptual model as an extension of role-based access control that can facilitate the administration and management of access for service consumers as well as component services in composite web services. Various types of conflict of interest are identified that arise from the complicated relationships among service consumers and component services. A set of authorization rules is developed to prevent these conflicts of interest. This research is a step toward addressing the challenge of authorization in the context of composite web services.


Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sun, H., Zhao, W., Yang, J. (2010). Managing Conflict of Interest in Service Composition. In: Meersman, R., Dillon, T., Herrero, P. (eds) On the Move to Meaningful Internet Systems: OTM 2010. OTM 2010. Lecture Notes in Computer Science, vol 6426. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16934-2_20

  • DOI: https://doi.org/10.1007/978-3-642-16934-2_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16933-5

  • Online ISBN: 978-3-642-16934-2

  • eBook Packages: Computer Science (R0)
