3PAC: enforcing access policies for Web services

Bemmel, J. van; Wegdam, Maarten; Lagerberg, Ko

doi:10.1109/icws.2005.2

Cited by 3 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, we improve the performance of the policy enforcement since the evaluation of the static parts of the access policy is only done during discovery, contrary to for each interaction. We have prototyped this architecture for Web Services [11].…”

Section: Scalable Enforcement Of Privacy Policiesmentioning

confidence: 99%

Supporting context-aware mobile applications: an infrastructure approach

Sinderen

Halteren

Wegdam³

et al. 2006

IEEE Commun. Mag.

Self Cite

View full text Add to dashboard Cite

Section: Scalable Enforcement Of Privacy Policiesmentioning

confidence: 99%

Supporting context-aware mobile applications: an infrastructure approach

Sinderen

Halteren

Wegdam³

et al. 2006

IEEE Commun. Mag.

Self Cite

View full text Add to dashboard Cite

“…There have been many proposals to add security to web services, starting with the integration of RBAC in a web server [4]: formulating RBAC policies in XML [8] [23]; wrapping access control proxies around a web service [29]; injecting policy-enforcing code in a web service [26]. Finally, the XACML standard [20] offers a generic way to express security policies together with their semantics; the SAML standard [21] offers a generic means of exchanging authentication and authorization information between domains.…”

Section: Related Workmentioning

confidence: 99%

User Tasks and Access Control overWeb Services

Thomas

Paci

Bertino

et al. 2007

IEEE International Conference on Web Services (ICWS 2007)

View full text Add to dashboard Cite

Web services are a successful technology for enterprise information management, where they are used to expose legacy applications on the corporate intranet or in businessto-business scenarios. The technologies used to expose applications as web services have matured, stabilized, and are defined as W3C standards. Now, the technology used to build applications based on web services, a process known as orchestration, is also maturing around the Web Services Business Process Execution Language (WS-BPEL). WS-BPEL falls short on one feature though: as it is focused on orchestration of fully automatic web-services, WS-BPEL does not provide means for specifying human interactions, even less their access-control requirements. Human interactions are nonetheless needed for flexible business processes. This lacking feature of WS-BPEL has been highlighted in a white paper issued jointly by IBM and SAP, which "describes scenarios where users are involved in business processes, and defines appropriate extensions to WS-BPEL to address these." These extensions, called BPEL4People, are well explained, but their implementation isn't. In this paper, we propose a language for specifying these extensions, as well as an architecture to support them. The salient advantage of our architecture is that it allows for the reuse of existing BPEL engines. In addition, our language allows for specifying these extensions within the main BPEL script, hence preserving a global view of the process. We illustrate our extensions by revisiting the classic loan approval BPEL example.

show abstract

Design and Implementation of Conference Management System Based on ASP

Wang

2010

AMM

View full text Add to dashboard Cite

With the rapid development of the Internet and information, communication technology, human society began to enter into the intelligence community with the digital and network platform. With the popularization of computer application in schools, enterprises and other institutions, the meetings of governments, enterprises and institutions has broken the traditional model that the meetings are held in the same place and at the same time, and network meetings is to be popularized with the increasingly fast paces. But regardless of the company or the university, there exists the problems of meeting management. Now the overwhelming majority of the conference management is still in a state of manual, inefficient and prone to error, not manageable, not rule out any untrue phenomenon. Therefore, the internal management, self-improvement of the meeting management can not be ignored. This paper aims to resolve this problem by designing a meeting management website. Conference Management website ASP can be used to design the conference management website, ASP (Active Server Pages) dynamic website is a technology which is introduced by Microsoft Company to replace CGI (Common Gateway Interface)-a common Gateway Interface. By combining the knowledge of ASP HTML language, ASP directives and ActiveX components and Access database, the paper uses the own Web server to create and run a dynamic interactive Website 。The paper aims to realize the work of meeting managing, application, auditing, controlling, minutes of meetings processing through the meeting management website.

show abstract

3PAC: enforcing access policies for Web services

Cited by 3 publications

References 12 publications

Supporting context-aware mobile applications: an infrastructure approach

Supporting context-aware mobile applications: an infrastructure approach

User Tasks and Access Control overWeb Services

Design and Implementation of Conference Management System Based on ASP

Contact Info

Product

Resources

About