ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
An access control language for web services
Full text PdfPdf (253 KB)
Source Symposium on Access Control Models and Technologies archive
Proceedings of the seventh ACM symposium on Access control models and technologies table of contents
Monterey, California, USA
SESSION: Access Control Policies and Specifications table of contents
Pages: 23 - 30  
Year of Publication: 2002
ISBN:1-58113-496-7
Authors
Emin Gün Sirer  Cornell University, Ithaca, NY
Ke Wang  Cornell University, Ithaca, NY
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 5,   Downloads (12 Months): 77,   Citation Count: 8
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/507711.507715
What is a DOI?

ABSTRACT

This paper presents an approach for formally specifying and enforcing security policies on web service implementations. Networked services in general, and web services in particular, require extensive amounts of code to ensure that clients respect site-integrity constraints. We provide a language by which these constraints can be expressed and enforced automatically, portably and efficiently. Security policies in our system are specified in a language based on temporal logic, and are processed by an enforcement engine to yield site and platform-specific access control code. This code is integrated with a web server and platform-specific libraries to enforce the specified policy on a given web service. Our approach decouples the security policy specification from service implementations, provides a mandatory access control model for web services, and achieves good performance. We show that up to 22% of the code in a traditional web service module is dedicated to security checking functionality, including checks for client sequencing and parameter validation. We show that our prototype language implementation, WebGuard, enables web programmers to significantly reduce the amount of security checking code they need to develop manually. The quality of the code generated by WebGuard from formal policy specifications is competitive with the latency of handcrafted code to within a few percent.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
L. Badger , D. F. Sterne , D. L. Sherman , K. M. Walker , S. A. Haghighat, Practical Domain and Type Enforcement for UNIX, Proceedings of the 1995 IEEE Symposium on Security and Privacy, p.66, May 08-10, 1995
 
2
J. Barkley, A. Cincotta, D. Ferraiolo, S. Gavrila, and D.R. Kuhn. Role Based Access Control for the World Wide Web. In Proceedings of the 20th National Information System Security Conference, NIST/NSA, 1997.
 
3
D. Bell and L. LaPadula. Secure Computer System: Unified Exposition and Multics Interpretation. Technical Report MTR-1997, MITRE, Bedford, MA, 1975.
4
Elisa Bertino , Piero Andrea Bonatti , Elena Ferrari, TRBAC: a temporal role-based access control model, Proceedings of the fifth ACM workshop on Role-based access control, p.21-30, July 26-28, 2000, Berlin, Germany  [doi>10.1145/344287.344298]
 
5
K. J. Biba. Integrity Constraints for Secure Computer Systems. Technical Report ESD-TR76-372, USAF Electronic System Division, Bedford, Massachusetts, April 1977.
 
6
M. Bishop. How to Write a Setuid Program. ;login: The USENIX Association Newsletter, 12(1):5--11, Jan./Feb. 1987.
 
7
W.E. Boebert and R.Y. Kain, A Practical Alternative to Hierarchical Integrity Policies. In Proceedings of the 8th National Computer Security Conf., Gaithersburg, MD, 1985.
 
8
S. Bunch. The Setuid Feature in UNIX and Security. In Proceedings of Tenth National Computer Security Conference, September 1987, 245--253.
 
9
CNet. Microsoft plugs Hotmail security hole. http://news.cnet.com/news/0-1003-200-6941020.html, August 2001.
 
10
Ernesto Damiani , Sabrina De Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, Securing XML Documents, Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology, p.121-135, March 27-31, 2000
 
11
Ernesto Damiani , Sabrina De Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, XML Access Control Systems: A Component-Based Approach, Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions, p.39-50, August 21-23, 2000
12
Edsger W. Dijkstra, Guarded commands, nondeterminacy and formal derivation of programs, Communications of the ACM, v.18 n.8, p.453-457, Aug. 1975  [doi>10.1145/360933.360975]
13
Úlfar Erlingsson , Fred B. Schneider, SASI enforcement of security policies: a retrospective, Proceedings of the 1999 workshop on New security paradigms, p.87-95, September 22-24, 1999, Caledon Hills, Ontario, Canada  [doi>10.1145/335169.335201]
 
14
D. Ferraiolo and R. Kuhn. Role-Based Access Control. In Proceedings of the 15th National Computer Security Conference, Baltimore, Maryland, 1992, 554--563.
 
15
J. Goguen and J.Meseguer. Security Policies and Security Models. In Proceedings of the 1982 IEEE Symp. on Research in Security and Privacy, IEEE Computer Society Press, 1982.
 
16
G.Graham and P.Denning. Protection: Principles and Practice. In Proceeding of Spring Joint Computer Conf., AFIPS Press, 1972.
 
17
M. Gray. Web Growth Summary. http://www.mit.edu/people/mkgray/net/, December 1997.
 
18
Sushil Jajodia , Pierangela Samarati , V. S. Subrahmanian, A Logical Language for Expressing Authorizations, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.31, May 04-07, 1997
 
19
D. Kristol, L. Montulli. HTTP State Management Mechanism. Request for Comments RFC-2965, Internet Engineering Task Force, October 2000.
20
Butler W. Lampson, Protection, ACM SIGOPS Operating Systems Review, v.8 n.1, p.18-24, January 1974  [doi>10.1145/775265.775268]
21
Leslie Lamport, The temporal logic of actions, ACM Transactions on Programming Languages and Systems (TOPLAS), v.16 n.3, p.872-923, May 1994  [doi>10.1145/177492.177726]
 
22
Zohar Manna , Amir Pnueli, The temporal logic of reactive and concurrent systems, Springer-Verlag New York, Inc., New York, NY, 1992
 
23
OpenACS Documentation. http://www.openacs.org/, December 2001.
 
24
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
25
Ravi S. Sandhu, Lattice-Based Access Control Models, Computer, v.26 n.11, p.9-19, November 1993  [doi>10.1109/2.241422]
 
26
Fred B. Schneider, Enforceable Security Policies, Cornell University, Ithaca, NY, 1998
 
27
D. J. Thomsen and J. T. Haigh. A Comparison of Type Enforcement and Unix Setuid Implementation of Well-formed Transactions. In Proceedings of Sixth Annual Computer Security Applications Conf., Tucson, Arizona, December 1990, 304-312. Whitehat, Inc. Secure Web Programming, http://www.whitehatsec.com/, December 2001.

CITED BY  8
Andrew D. Gordon , Riccardo Pucella, Validating a Web service security abstraction by typing, Proceedings of the 2002 ACM workshop on XML security, November 22-22, 2002, Fairfax, VA
Radha Jagadeesan , Will Marrero , Corin Pitcher , Vijay Saraswat, Timed constraint programming: a declarative approach to usage control, Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming, p.164-175, July 11-13, 2005, Lisbon, Portugal
Christian Skalka , X. Sean Wang, Trust but verify: authorization for web services, Proceedings of the 2004 workshop on Secure web service, p.47-55, October 29-29, 2004, Fairfax, Virginia
Keith Irwin , Ting Yu , William H. Winsborough, On the modeling and analysis of obligations, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA
Fahima Cheikh , Giuseppe De Giacomo , Massimo Mecella, Automatic web services composition in trustaware communities, Proceedings of the 3rd ACM workshop on Secure web services, November 03-03, 2006, Alexandria, Virginia, USA
Massimo Mecella , Mourad Ouzzani , Federica Paci , Elisa Bertino, Access control enforcement for conversation-based web services, Proceedings of the 15th international conference on World Wide Web, May 23-26, 2006, Edinburgh, Scotland
Eduardo Fernández-Medina , Juan Trujillo , Rodolfo Villarroel , Mario Piattini, Access control and audit model for the multidimensional modeling of data warehouses, Decision Support Systems, v.42 n.3, p.1270-1289, December 2006
Eduardo Fernández-Medina , Juan Trujillo , Rodolfo Villarroel , Mario Piattini, Developing secure data warehouses with a UML extension, Information Systems, v.32 n.6, p.826-856, September, 2007

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls


General Terms:
Security


Keywords:
access control, web services

Collaborative Colleagues:
Emin Gün Sirer: colleagues
Ke Wang: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player