Authorization service for Web Services and its application in a health care domain

Research output: Contribution to journalReview articlepeer-review

8 Citations (Scopus)


In this paper, we discuss the design issues for an authorization framework for Web Services. In particular, we describe the features required for an authorization policy language for Web Services. We briefly introduce the authorization service provided by Microsoft .NET MyServices and describe our extended authorization model that proposes extensions to the .NET MyServices authorization service to support a range of authorization policies required in commercial systems. We discuss the application of the extended authorization model to a health care system built using Web Services. We use the XML Access Control Language (XACL) in our implementation to demonstrate our extended authorization model. This also enables us to evaluate the range of authorization policies that XACL supports.

Original languageEnglish
Pages (from-to)94-119
Number of pages26
JournalInternational Journal of Web Services Research
Issue number4
Publication statusPublished - 2005


Dive into the research topics of 'Authorization service for Web Services and its application in a health care domain'. Together they form a unique fingerprint.

Cite this