For most current Web Service access control methods, Web Service providers create a series of access control roles based on specified attributes. Only by meeting all the roles can a subject obtain the access to necess...For most current Web Service access control methods, Web Service providers create a series of access control roles based on specified attributes. Only by meeting all the roles can a subject obtain the access to necessary operations and resources. However, because of the dynamic and open traits of Web Services, it is difficult for Web Service providers to work out an access control policy with moderate intensity and to realize a satisfactory balance between protecting the security of resources and maintaining the service reachable rate. To provide a solution to the above problem, this paper proposed a trust compensation access control method based on the Attribute-Based Access Control model. Our main contributions include a formal description of the access control method, a method to calculate the attribute trust degree based on time decay, and the trust compensation value of the attribute trust degree, as well as a new Service Oriented Architecture (SOA) architecture and its procedures based on a detailed trust compensation access control method.展开更多
文摘For most current Web Service access control methods, Web Service providers create a series of access control roles based on specified attributes. Only by meeting all the roles can a subject obtain the access to necessary operations and resources. However, because of the dynamic and open traits of Web Services, it is difficult for Web Service providers to work out an access control policy with moderate intensity and to realize a satisfactory balance between protecting the security of resources and maintaining the service reachable rate. To provide a solution to the above problem, this paper proposed a trust compensation access control method based on the Attribute-Based Access Control model. Our main contributions include a formal description of the access control method, a method to calculate the attribute trust degree based on time decay, and the trust compensation value of the attribute trust degree, as well as a new Service Oriented Architecture (SOA) architecture and its procedures based on a detailed trust compensation access control method.
