Authorization service for web services and its implementation

Sarath Indrakanti; Vijay Varadharajan; Michael Hitchens

doi:10.1109/ICWS.2004.1314814

Authorization service for web services and its implementation

Sarath Indrakanti, Vijay Varadharajan, Michael Hitchens

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

4 Citations (Scopus)

26 Downloads (Pure)

Abstract

In this paper, we introduce the authorization issues for Web Services. We introduce the authorization service provided by Microsoft® .NET MyServices and then briefly describe our proposed modifications and extensions to the authorization service. We discuss the application of the extended authorization model to a healthcare system built using Web Services. We used the XML Access Control Language (XACL) to specify policies in XML and control access to the patient records stored in XML format. We then evaluated the suitability of XACL as an authorization policy language for Web Services.

Original language	English
Title of host publication	Proceedings - IEEE International Conference on Web Services
Place of Publication	Los Alamitos, CA
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	774-777
Number of pages	4
ISBN (Print)	0769521673, 9780769521671
DOIs	https://doi.org/10.1109/ICWS.2004.1314814
Publication status	Published - 2004
Event	Proceedings - IEEE International Conference on Web Services - San Diego, CA, United States Duration: 6 Jul 2004 → 9 Jul 2004

Other

Other	Proceedings - IEEE International Conference on Web Services
Country/Territory	United States
City	San Diego, CA
Period	6/07/04 → 9/07/04

Bibliographical note

Copyright 2004 IEEE. Reprinted from Proceedings of the IEEE International Conference on Web Services (ICWS'04), June 6-9, 2004, San Diego, California, USA. IEEE Computer Society 2004. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Macquarie Universityâ€™s products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to [email protected]. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.

Access to Document

10.1109/ICWS.2004.1314814

Publisher version (open access).pdfFinal published version, 283 KB

Cite this

@inproceedings{347ae5588c244807940302c80d319651,

title = "Authorization service for web services and its implementation",

abstract = "In this paper, we introduce the authorization issues for Web Services. We introduce the authorization service provided by Microsoft{\textregistered} .NET MyServices and then briefly describe our proposed modifications and extensions to the authorization service. We discuss the application of the extended authorization model to a healthcare system built using Web Services. We used the XML Access Control Language (XACL) to specify policies in XML and control access to the patient records stored in XML format. We then evaluated the suitability of XACL as an authorization policy language for Web Services.",

author = "Sarath Indrakanti and Vijay Varadharajan and Michael Hitchens",

note = "Copyright 2004 IEEE. Reprinted from Proceedings of the IEEE International Conference on Web Services (ICWS'04), June 6-9, 2004, San Diego, California, USA. IEEE Computer Society 2004. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Macquarie University{\^a}€{\texttrademark}s products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to [email protected]. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.; Proceedings - IEEE International Conference on Web Services ; Conference date: 06-07-2004 Through 09-07-2004",

year = "2004",

doi = "10.1109/ICWS.2004.1314814",

language = "English",

isbn = "0769521673",

pages = "774--777",

booktitle = "Proceedings - IEEE International Conference on Web Services",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

address = "United States",

}

Indrakanti, S, Varadharajan, V & Hitchens, M 2004, Authorization service for web services and its implementation. in Proceedings - IEEE International Conference on Web Services. Institute of Electrical and Electronics Engineers (IEEE), Los Alamitos, CA, pp. 774-777, Proceedings - IEEE International Conference on Web Services, San Diego, CA, United States, 6/07/04. https://doi.org/10.1109/ICWS.2004.1314814

Authorization service for web services and its implementation. / Indrakanti, Sarath; Varadharajan, Vijay ; Hitchens, Michael.
Proceedings - IEEE International Conference on Web Services. Los Alamitos, CA: Institute of Electrical and Electronics Engineers (IEEE), 2004. p. 774-777.

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - Authorization service for web services and its implementation

AU - Indrakanti, Sarath

AU - Varadharajan, Vijay

AU - Hitchens, Michael

N1 - Copyright 2004 IEEE. Reprinted from Proceedings of the IEEE International Conference on Web Services (ICWS'04), June 6-9, 2004, San Diego, California, USA. IEEE Computer Society 2004. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Macquarie Universityâ€™s products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to [email protected]. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.

PY - 2004

Y1 - 2004

N2 - In this paper, we introduce the authorization issues for Web Services. We introduce the authorization service provided by Microsoft® .NET MyServices and then briefly describe our proposed modifications and extensions to the authorization service. We discuss the application of the extended authorization model to a healthcare system built using Web Services. We used the XML Access Control Language (XACL) to specify policies in XML and control access to the patient records stored in XML format. We then evaluated the suitability of XACL as an authorization policy language for Web Services.

AB - In this paper, we introduce the authorization issues for Web Services. We introduce the authorization service provided by Microsoft® .NET MyServices and then briefly describe our proposed modifications and extensions to the authorization service. We discuss the application of the extended authorization model to a healthcare system built using Web Services. We used the XML Access Control Language (XACL) to specify policies in XML and control access to the patient records stored in XML format. We then evaluated the suitability of XACL as an authorization policy language for Web Services.

UR - http://www.scopus.com/inward/record.url?scp=4544368101&partnerID=8YFLogxK

U2 - 10.1109/ICWS.2004.1314814

DO - 10.1109/ICWS.2004.1314814

M3 - Conference proceeding contribution

AN - SCOPUS:4544368101

SN - 0769521673

SN - 9780769521671

SP - 774

EP - 777

BT - Proceedings - IEEE International Conference on Web Services

PB - Institute of Electrical and Electronics Engineers (IEEE)

CY - Los Alamitos, CA

T2 - Proceedings - IEEE International Conference on Web Services

Y2 - 6 July 2004 through 9 July 2004

ER -

Authorization service for web services and its implementation

Abstract

Other

Bibliographical note

Access to Document

Other files and links

Fingerprint

Cite this