Login for Depositors Search USQ ePrints archive

Five examples of web-services for illustrating requirements for security architecture

Addie, Ronald G. and Moffatt, Sam and Dekeyser, Stijn and Colman, Alan (2011) Five examples of web-services for illustrating requirements for security architecture. In: 2nd International Conference on Data and Knowledge Engineering (ICDKE 2011), 6-8 Sep 2011, Milan, Italy.

Metadata

HTML CitationEndNoteDublin CoreReference Manager

Full text available as:

[img]
Preview
PDF (Accepted Version) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
169Kb

Official URL: http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6053929

Identification Number or DOI: doi: 10.1109/ICDKE.2011.6053929

Abstract

The tension caused by the need for expressive power when formulating security rules and the need to keep computational complexity low when undertaking the necessary access rule evaluations is a major challenge in the formulation of good security architecture. This paper provides five examples of security in web services. which illustrate this tension. These examples highlight the need for more expressiveness in the rules used to express policies in three cases, and in the other the fact that XACML appears to have nearly adequate expressiveness without undue complexity. Each example is expressed first informally, by describing a service which could concievably be provided in a web services architecture, then the example is also outlined using either XACML, first order logic or both.

Item Type:Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)
Additional Information:Accepted version deposited in accordance with the copyright policy of the publisher.
Uncontrolled Keywords:web-services; web-security; XACML; computational complexity; security architecture
Fields of Research (FOR2008):08 Information and Computing Sciences > 0806 Information Systems > 080612 Interorganisational Information Systems and Web Services
08 Information and Computing Sciences > 0805 Distributed Computing > 080505 Web Technologies (excl. Web Search)
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
Subjects:UNSPECIFIED
Socio-Economic Objective (SEO2008):B Ecomonic Development > 89 Information and Communication Services > 8903 Information Services > 890399 Information Services not elsewhere classified
ID Code:20257
Deposited By:
Profile Picture Dr Ron Addie
Deposited On:03 Feb 2012 15:21
Last Modified:17 Apr 2013 15:10

Archive Staff Only: edit this record
ABN: 40 234 732 081 | CRICOS: QLD 00244B | NSW 02225M | © University of Southern Queensland | Disclaimer | Privacy | Feedback | Contact us