Computer Science

Computer Science ›› 2014, Vol. 41 ›› Issue (7): 102-104.doi: 10.11896/j.issn.1002-137X.2014.07.020

Previous Articles     Next Articles

Study on Activity-oriented Dynamic Access Authorization Model for BPEL4WS

SHANG Chao-wang,LIU Qing-tang,ZHAO Gang and TONG Ming-wen   

  • Online:2018-11-14 Published:2018-11-14

PDF (PC)

393

Abstract: Business process access control mechanism is a difficult problem in Web services composition application.According to the current deficiency of research in BPEL4WS secure access control,an Activity-Oriented Dynamic Access Authorization Model for BPEL4WS(ADABM) was proposed.By dissolving the coupling relationship between the organization model and business process model,ADABM refines the BPEL4WS access permission to activity level.The users can obtain the Web services access authorizations only when the corresponding activity meets the security requirements in BPEL4WS execution session.The grants and revokes of the activity access authorization can be implemented along with the process context.At last,the paper also described the implementation architecture of ADABM in Web services secure composition.

Key words: Web services composition,Activity,BPEL4WS,Access authorization,Implementation

[1] 宋巍,唐金辉,张功萱,等.WS-BPEL服务可替换性分析[J].中国科学:信息科学,2012,2(3):264-279
[2] Ahmed A.A compliance management framework for BusinessProcess models[D].Potsdam:University of Potsdam,2010
[3] Kristof G.Adaptive workflow composition in service-based systems[D].Leuven:Katholieke University,2012
[4] Manuel M,vNicola D.Implementing workflow reconfiguration in WS-BPEL[J].Journal of Internet Services and Information Security,2012,2(2):73-92
[5] Roman K.Provision of service level agreements in human-enhanced service-oriented computing environments[D].Vienna:Vienna University of Technology,2012
[6] Zahra D,Behrouz T L.A model for specification,compositionand verification of access control policies and its application to web services[J].Journal of Information Security,2012,3(2):103-120
[7] Mark S,Jan M.Modeling process-related RBAC models with extended UML activity models[J].Information and Software Technology,2011,53(2):456-483
[8] Yu Ding-guo.Role and task-based access control model for web service integration[J].Journal of Computational Information Systems,2012,8(7):2681-2689
[9] Ganna M,Achim D,et al.Security and Safety of Assets in Business Processes[C]∥Proceedings of the 27th Symposium on Applied Computing.2011:05-12
[10] Wang Xin.A framework to manage message level authorization in service oriented collaborative business processes[D].Melbourne:Victoria University,2010
[11] Bertino E,Martino D L,et al.Security for Web services and service-oriented architectures[M].Berlin:Springer,2010:170-175
[12] 上超望,刘清堂,等.组合Web服务访问控制技术研究综述[J].计算机科学,2011,2(3):264-279
[13] Allison D S, Miriam A M,Capretz H F,et al.Privacy Protection Framework with Defined Policies for Service-Oriented Architecture[J].Journal of Software Engineering and Applications,2012,9(5):200-215
[14] Thuemmler C,Fan L,et al.E-Health:Chances and Challenges of Distributed,Service oriented Architectures[J].Journal of Cyber Security and Mobility,2012,1(1):37-52
[15] Mohsen R.Security analysis for web services compositions [J].International Journal of Scientific & Engineering Research,2012,3(5):1-8
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.