Browse > Article

A Study on Dynamic Role-based Service Allocation for Service Oriented Architecture System  

Park, Yong B. (Dankook University Dept. of Sofware Science)
Kwon, Ye Jin (Korea Institute Science and Technology Information)
Publication Information
Journal of the Semiconductor & Display Technology / v.17, no.1, 2018 , pp. 12-20 More about this Journal
Abstract
Recently, web-based service software has been used as to combine various information or to share information according to the needs of users and the convergence of specialized fields and individual dependent systems. According to the necessity of the user, the proper service environment and the selective service environment according to the purpose and the needs of the user have been studied in a variety of specialized and combined professional research fields and industries. Software based on cloud systems and web services is being used as a tool for appropriate group and user groups and roles. A service system combined dynamically needs a module to manage a user through internal logic and grant a service access authentication. Therefore, it has been considered various approaches that a user who accesses the system is given a service access authority for a certain period of time. Also, when the deadline is over, the authority that you are given to access system will go through the process of expire the right. In this paper, we define the roles of users who access web services, manage user rights according to each role, and provide appropriate service resources to users according to their rights and session information. We analyzed the procedure of constructing the algorithm for the service according to the procedure of each user accessing the web service, granting the service resource and constructing a new role.
Keywords
Role based Access Control; Web Service; Dynamic Role; Service Authority;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Ferraiolo, David F., D. Richard Kuhn, and Ramaswamy Chandramouli. "Role-Based Access Control, Artech House." Inc., Norwood, MA , 2003.
2 Nash, Michael J., and Keith R. Poland. "Some conundrums concerning separation of duty." Research in Security and Privacy, 1990. Proceedings., 1990 IEEE Computer Society Symposium on. IEEE, 1990.
3 Sandhu, Ravi S., et al. "Role-based access control models." Computer 29.2, pp. 38-47, 1996.   DOI
4 Sandhu, Ravi, David Ferraiolo, and Richard Kuhn. "The NIST model for role-based access control: towards a unified standard." ACM workshop on Role-based access control. Vol. 2000, pp. 1-11, 2000.
5 Bacon, Jean, et al. "Access control in publish/subscribe systems." Proceedings of the second international conference on Distributed event-based systems. ACM, pp. 23-34, 2008.
6 Xu, Zhongyuan, and Scott D. Stoller. "Algorithms for mining meaningful roles." Proceedings of the 17th ACM symposium on Access Control Models and Technologies. ACM, pp. 57-66, 2012.
7 Wang, Jingzhu, and Sylvia L. Osborn. "A role-based approach to access control for XML databases." Proceedings of the ninth ACM symposium on Access control models and technologies. ACM, pp. 70-77, 2004.
8 Chen, Tsung-Yi, et al. "Development of an access control model, system architecture and approaches for resource sharing in virtual enterprise." Computers in Industry, Vol. 58, No. 1, pp. 57-73, 2007.   DOI
9 Hepper, Stefan. "JSR 286: Java portlet specification version 2.0." Java Community Process, 2008.
10 Nicklous, M., and Stefan Hepper. "JSR 286: Portlet specification 2.0." Standard Available (retrieved 2011- 06-25) at http://www.jcp.org/en/jsr/detail, 2008.
11 Specifications, Introducing Java Portlet. "JSR 168 and JSR 286." Nettiartikkeli lokakuu, 2008.
12 Rezgui, Yacine. "Role-based service-oriented implementation of a virtual enterprise: A case study in the construction sector." Computers in Industry, Vol. 58, No. 1, pp. 74-86, 2007.   DOI
13 Kim, Tae-Young, et al. "A modeling framework for agile and interoperable virtual enterprises." Computers in industry, Vol. 57, No. 3, pp. 204-217, 2006.   DOI
14 Strembeck, Mark. "Scenario-driven role engineering." IEEE Security & Privacy, Vol. 8, No. 1, 2010.
15 Fadhel, Ameni Ben, Domenico Bianculli, and Lionel Briand. "A comprehensive modeling framework for role-based access control policies." Journal of Systems and Software, Vol. 107, pp. 110-126, 2015.   DOI
16 Le, Xuan Hung, et al. "An enhancement of the rolebased access control model to facilitate information access management in context of team collaboration and workflow." Journal of biomedical informatics, Vol.45, No. 6, pp. 1084-1107, 2012.   DOI
17 Biswas, Prosunjit, Ravi Sandhu, and Ram Krishnan. "Uni-ARBAC: A unified administrative model for rolebased access control." International Conference on Information Security. Springer, Cham, pp.218-230, 2016.