A. Dara, F. Shams Aliee, and P. Mehregan (Iran)
Access Control, Case Study, Service Oriented Architecture, Composeability, Encapsulation.
Although the Service Oriented Architecture (SOA) concept has been accepted by many companies and organizations, it is still facing the existing challenges in security requirements and problems. One of the disputed security aspects in this architecture is Access Control. In this article, not only, are we trying to show the problems of traditional access control models when encountered by basic principles of SOA, but also, we are going to present a new language based access control (LBAC) that uses the concepts of languages and set theory as its formal bases. In this model an access language will be defined for each resource of organization consisting of functions and services, and a language will be assigned to each subject. Then, using its fundamental authorization rule, the model only allows the access to subjects that have a string of the language of requested resource. Using a sample scenario, we will show that proposed model can achieve the main goal of access controls which is making correct decisions about issuing permissions. Furthermore, this model shows better conformity with primitives such as interoperability, composeability and encapsulation from the security point of view. A small scaled implementation has also been presented.
Important Links:
Go Back
