An Access Control Model for Web Services with Dynamic Separation of Duty Rules
One of the most significant difficulties with developing Service-Oriented Architecture (SOA) involves meeting its security challenges. Access control is an important security mechanism for organizations to protect their resources in collaborative environments and processes. In these processes, shared resources are often used and there are complex relationships between activities and users, so the definition and administration of different security levels (tasks, users, resources, etc.) is necessary. Different access control models and mechanisms have been proposed in recent years. However, under the new collaborative paradigm based on Web services and workflow technologies, some specific access control requirements should be addressed to support the various processes.