@inproceedings{6027902d0aed4f39804f9e48b628067c,
title = "Secure authorisation for web services",
abstract = "In this paper, we investigate the authorisation service provided by Microsoft{\textregistered}.NET MyServices [1]. We propose modifications and extensions to eXtensible Markup Language (XML) [2] based data structures' schemas to support a range of commonly used access policies in commercial systems. We have developed the modified access evaluation algorithms that take the proposed extensions into account. The extensions proposed in this paper have been used in the specification and analysis of a practical application involving access control to electronic patient records in hospitals.",
keywords = "Access control and authorisation, Security, Web services",
author = "Sarath Indrakanti and Vijay Varadharajan and Michael Hitchens and Rajat Kumar",
year = "2004",
language = "English",
isbn = "1402080697",
volume = "142",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer, Springer Nature",
pages = "163--175",
editor = "{De Capitani di Vimercati}, Sabrina and Indrakshi Ray and Indrajit Ray",
booktitle = "Data and Applications Security XVII: Status and Prospects - IFIP TC11 / WG11.3 17th Annual Working Conference on Data and Applications Security",
address = "United States",
note = "IFIP TC11 / WG11.3 17th Annual Working Conference on Data and Applications Security ; Conference date: 04-08-2003 Through 06-08-2003",
}