Secure authorisation for web services

Sarath Indrakanti, Vijay Varadharajan, Michael Hitchens, Rajat Kumar

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

2 Citations (Scopus)

Abstract

In this paper, we investigate the authorisation service provided by Microsoft®.NET MyServices [1]. We propose modifications and extensions to eXtensible Markup Language (XML) [2] based data structures' schemas to support a range of commonly used access policies in commercial systems. We have developed the modified access evaluation algorithms that take the proposed extensions into account. The extensions proposed in this paper have been used in the specification and analysis of a practical application involving access control to electronic patient records in hospitals.

Original languageEnglish
Title of host publicationData and Applications Security XVII: Status and Prospects - IFIP TC11 / WG11.3 17th Annual Working Conference on Data and Applications Security
EditorsSabrina De Capitani di Vimercati, Indrakshi Ray, Indrajit Ray
Place of PublicationBoston, MA
PublisherSpringer, Springer Nature
Pages163-175
Number of pages13
Volume142
ISBN (Print)1402080697, 9781402080692, 9781402080708
Publication statusPublished - 2004
EventIFIP TC11 / WG11.3 17th Annual Working Conference on Data and Applications Security - Estes Park, CO, United States
Duration: 4 Aug 20036 Aug 2003

Publication series

NameIFIP Advances in Information and Communication Technology
Volume142
ISSN (Print)18684238

Other

OtherIFIP TC11 / WG11.3 17th Annual Working Conference on Data and Applications Security
CountryUnited States
CityEstes Park, CO
Period4/08/036/08/03

Keywords

  • Access control and authorisation
  • Security
  • Web services

Fingerprint Dive into the research topics of 'Secure authorisation for web services'. Together they form a unique fingerprint.

Cite this