ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Fine grained access control for SOAP E-services
Full text PdfPdf (258 KB)
Source International World Wide Web Conference archive
Proceedings of the 10th international conference on World Wide Web table of contents
Hong Kong, Hong Kong
Pages: 504 - 513  
Year of Publication: 2001
ISBN:1-58113-348-0
Authors
Ernesto Damiani  Dip. di Tecnologie, dell'Informazione, Università di Milano, Via Bramante 65, 26013 Crema, Italy
Sabrina De Capitani di Vimercati  Dip. di Elettronica, Università di Brescia, Via Branze 38, 25123 Brescia, Italy
Stefano Paraboschi  Dip. di Elettronica e, Informazione, Politecnico di Milano, Piazza L. da Vinci 32, 20133 Milano, Italy
Pierangela Samarati  Dip. di Tecnologie, dell'Informazione, Università di Milano, Via Bramante 65, 26013 Crema, Italy
Sponsors
SIGWEB: ACM Special Interest Group on Hypertext, Hypermedia, and Web
SIGLINK: Hypertext, Hypermedia, and Web
IW3C2 : International World Wide Web Conference Committee
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 5,   Downloads (12 Months): 45,   Citation Count: 11
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/371920.372152
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Piero Bonatti , Pierangela Samarati, Regulating service access and information release on the Web, Proceedings of the 7th ACM conference on Computer and communications security, p.134-143, November 01-04, 2000, Athens, Greece  [doi>10.1145/352600.352620]
 
2
D. Box. Simple Object Access Protocol (SOAP) 1.1. World Wide Web Consortium (W3C), May 2000. http://www.w3.org/TR/SOAP.
 
3
N. Brown and C. Kindel. Distributed Component Object Model Protocol - DCOM/1.0, January 1998. http://www.globecom.net/ietf/draft/draft-browndcom-v1-spec-03.html.
 
4
David Burdette , Marcus Goncalves, Internet Open Trading Protocol, McGraw-Hill Professional, 2000
 
5
Ernesto Damiani , Sabrina De Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, Securing XML Documents, Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology, p.121-135, March 27-31, 2000
 
6
Ernesto Damiani , Sabrina De Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, XML Access Control Systems: A Component-Based Approach, Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions, p.39-50, August 21-23, 2000
 
7
Stuart Feldman, The Changing Face of E-Commerce: Extending the Boundaries of the Possible, IEEE Internet Computing, v.4 n.3, p.82-83, May 2000  [doi>10.1109/MIC.2000.845395]
 
8
A.O. Freier, P. Karlton, andP.C. Kocher. The SSL Protocol - Version 3.0, March 1996. http://ftp.nectec.or.th/CIE/Topics/ssldraft/INDEX.HTM.
 
9
B. Gladman, C. Ellison, and N. Bohm. Digital Signatures, Certificates and Electronic Commerce. http://jya.com/bg/digsig.pdf, 1999.
10
Sushil Jajodia , Pierangela Samarati , V. S. Subrahmanian , Eliza Bertino, A unified framework for enforcing multiple access control policies, Proceedings of the 1997 ACM SIGMOD international conference on Management of data, p.474-485, May 11-15, 1997, Tucson, Arizona, United States
 
11
Java Remote Method Invocation (RMI). http://java.sun.com/j2se/1.3/docs/guide/rmi/index.html.
 
12
J. Kahan. WDAI: A Simple World-Wide Web Distributed Authorization Infrastructure. Computer Networks, 33(1-6), 2000.
13
Michiharu Kudo , Satoshi Hada, XML document security based on provisional authorization, Proceedings of the 7th ACM conference on Computer and communications security, p.87-96, November 01-04, 2000, Athens, Greece  [doi>10.1145/352600.352613]
 
14
M. Levy. COM Internet Services, April 1999. http://msdn.microsoft.com/library/backgrnd/html/ CIS.htm.
 
15
S. Lewontin and M.E. Zurko. The DCE Project: Providing Authorizations and other Distributed Services to the World-Wide Web. In Proc. of the 2nd World Wide Web Conference, October 1994. http://www.ncsa.uiuc.edu/SDG/IT94/Proceedings/ Security/lewontin/Web DCE Conf 94.html.
 
16
Ueli M. Maurer, Modelling a Public-Key Infrastructure, Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security, p.325-350, September 25-27, 1996
 
17
P. Nikander and A. Karila. A Java Beans Component Architecture for Cryptographic Protocols. In Proc. of the 7th Usenix Security Symposium, San Antonio, Texas, January 1998. http://www.tml.hut./Research/TeSSA/Papers/Nikander- Karila/nikander-karila-98.html.
 
18
Object Management Group. The CORBA Security Service Specification. ftp://ftp.omg.org/pub/docs/ptc.
 
19
J. Paajarvi. XML Encoding of SPKI Certificates. Internet Draft.
 
20
Remote Data Service: A Web Data Access Feature, 2000. http://www.microsoft.com/data/ado/rds.
21
Ravi Sandhu , David Ferraiolo , Richard Kuhn, The NIST model for role-based access control: towards a unified standard, Proceedings of the fifth ACM workshop on Role-based access control, p.47-63, July 26-28, 2000, Berlin, Germany  [doi>10.1145/344287.344301]
 
22
R. Sandhu and P. Samarati. Authentication, Access Control and Intrusion Detection. In A. Tucker, editor, Database Security VII: Status and Prospects, pages 1929-1948. CRC Press Inc., 1997.
 
23
The Common Object Request Broker: Architecture and Specification, Revision 2.1, August 1997. ftp://ftp.omg.org/pub/docs/formal/97-09-01.pdf.
 
24
The Information Content Exchange Protocol, W3C Note. http://www.w3.org/TR/note-ICE.
25
E. James Whitehead, Jr., World Wide Web distributed authoring and versioning (WebDAV): an introduction, StandardView, v.5 n.1, p.3-8, March 1997  [doi>10.1145/253452.253458]
 
26
World Wide Web Consortium (W3C). XML Path Language (XPath) Version 1.0, November 1999. http://www.w3.org/TR/xpath.
 
27
XML Metadata Interchange (XMI) specification. http://www.omg.org/cgi-bin/doc?ad/98-10-05.
 
28
XML-RPC Home Page. http://www.xmlrpc.com/.

CITED BY  11
Airi Salminen , Frank Wm. Tompa, Requirements for XML document database systems, Proceedings of the 2001 ACM Symposium on Document engineering, November 09-10, 2001, Atlanta, Georgia, USA
Reiner Kraft, Designing a distributed access control processor for network services on the Web, Proceedings of the 2002 ACM workshop on XML security, November 22-22, 2002, Fairfax, VA
Hristo Koshutanski , Fabio Massacci, An access control framework for business processes for web services, Proceedings of the 2003 ACM workshop on XML security, October 31-31, 2003, Fairfax, Virginia
David Scott , Richard Sharp, Developing Secure Web Applications, IEEE Internet Computing, v.6 n.6, p.38-45, November 2002
Andreas Matheus, Declaration and enforcement of fine-grained access restrictions for a service-based geospatial data infrastructure, Proceedings of the tenth ACM symposium on Access control models and technologies, June 01-03, 2005, Stockholm, Sweden
M. Coetzee , Jan H. P. Eloff, Virtual enterprise access control requirements, Proceedings of the 2003 annual research conference of the South African institute of computer scientists and information technologists on Enablement through technology, p.285-294, September 17-19, 2003
David Scott , Richard Sharp, Abstracting application-level web security, Proceedings of the 11th international conference on World Wide Web, May 07-11, 2002, Honolulu, Hawaii, USA
Hua Wang , Yanchun Zhang , Jinli Cao, Ubiquitous computing environments and its usage access control, Proceedings of the 1st international conference on Scalable information systems, p.6-es, May 30-June 01, 2006, Hong Kong
Sujan Pradhan , Hongen Lu, Business transaction coordination in multi-agent financial web services, International Journal of Web and Grid Services, v.3 n.1, p.38-57, March 2007
Hua Wang , Yanchun Zhang , Jinli Cao, Access control management for ubiquitous computing, Future Generation Computer Systems, v.24 n.8, p.870-878, October, 2008
Damjan Kovač , Denis Trček, Qualitative trust modeling in SOA, Journal of Systems Architecture: the EUROMICRO Journal, v.55 n.4, p.255-263, April, 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.5 Local and Wide-Area Networks
          Subjects: Internet (e.g., TCP/IP)
      C.2.6 Internetworking
          Subjects: Standards (e.g., TCP/IP)

  H. Information Systems
  H.4 INFORMATION SYSTEMS APPLICATIONS
      H.4.3 Communications Applications

          Nouns: Internet

  I. Computing Methodologies
  I.7 DOCUMENT AND TEXT PROCESSING
      I.7.2 Document Preparation

          Nouns: XML

  K. Computing Milieux
  K.4 COMPUTERS AND SOCIETY
      K.4.4 Electronic Commerce
          Subjects: Security
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS


General Terms:
Design, Languages, Management, Performance, Security, Standardization, Theory


Keywords:
SOAP, XML, access control, certificates, roles

Collaborative Colleagues:
Ernesto Damiani: colleagues
Sabrina De Capitani di Vimercati: colleagues
Stefano Paraboschi: colleagues
Pierangela Samarati: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player