Download now Free registration required
Service composition has emerged as a fundamental technique for developing Web applications. Multiple services, often from different organizations or trust domains, may be dynamically composed to satisfy a user's request. Access control in the presence of service compositions is a challenging security problem. This paper present an access control model and techniques for specifying and enforcing access control rules on Web service compositions. A key advantage of their approach is that past histories of service invocations can be used to make access control decisions. Access controls rules may be parameterized by one or more arguments. They have implemented their access control model via a declarative policy specification language which uses Pure-Past Linear Temporal Logic (PPLTL).
- Format: PDF
- Size: 545.4 KB