Journal of Software, Vol 6, No 12 (2011), 2456-2463, Dec 2011
doi:10.4304/jsw.6.12.2456-2463

A Policy-based Adaptive Web Services Security Framework

Bin Li, Lingjun Zhao, Junwu Zhu, Jun Wu

Abstract


Web services security has become a hot topic in service-oriented computing research. This paper studies several pivotal technologies in web services security. First, a policy-based framework for adaptive web services security is proposed, in which the policy concept, management mechanism and execution mechanism are effectively separated; moreover, by managing user context and web services context, web services access control can adapt to a changing environment. Second, a policy description language called ReiT is given. ReiT is a declarative language based on rules and ontology, and it can express both structural and non-structural knowledge. A mixed reasoning mechanism is proposed, with which web service access control policies that include the user context and web services context can be evaluated by the reasoner. Finally, a policy-aware BDI agent that authorizes access to the web services is presented, and a prototype system based on Java EE and the Jade agent platform is implemented. Simulation experiment results and an example demonstrate that the security framework is feasible and effective.


Keywords


Web Service Security; Policy; Context-awareness; Ontology; Agent



Journal of Software (JSW, ISSN 1796-217X)
