Ws-AC: A fine grained access control system for Web services

Elisa Bertino, Anna C. Squicciarini, Ivan Paloscia, Lorenzo Martino

Research output: Contribution to journalArticlepeer-review

23 Scopus citations


The emerging Web service technology has enabled the development of Internet-based applications that integrate distributed and heterogeneous systems and processes which are owned by different organizations. However, while Web services are rapidly becoming a fundamental paradigm for the development of complex Web applications, several security issues still need to be addressed. Among the various open issues concerning security, an important issue is represented by the development of suitable access control models, able to restrict access to Web services to authorized users. In this paper we present an innovative access control model for Web services. The model is characterized by a number of key features, including identity attributes and service negotiation capabilities. We formally define the protocol for carrying on negotiations, by specifying the types of message to be exchanged and their contents, based on which requestor and provider can reach an agreement about security requirements and services. We also discuss the architecture of the prototype we are currently implementing. As part of the architecture we propose a mechanism for mapping our policies onto the WS-Policy standard which provides a standardized grammar for expressing Web services policies.

Original languageEnglish (US)
Pages (from-to)143-171
Number of pages29
JournalWorld Wide Web
Issue number2
StatePublished - Jun 2006

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications


Dive into the research topics of 'Ws-AC: A fine grained access control system for Web services'. Together they form a unique fingerprint.

Cite this