Securing SOAP e-services
作者: E. Damiani , S. De Capitani di Vimercati , S. Paraboschi , P. Samarati
关键词: The Internet 、 World Wide Web 、 Computer security 、 XML-RPC 、 ebXML 、 Computer science 、 XML 、 Access control 、 XML Signature 、 SOAP 、 XML Protocol
摘要: Remote service invocation via HTTP and XML promises to become an important component of the Internet infrastructure. Work is ongoing in W3C Protocol Working Group define a common standard, solutions like SOAP XML-RPC are already used few situations, demonstrating potential. However, no standard technique for access control security currently defined these protocols. In this paper, we propose approach that relies on structure requests support fine-grained authorizations at level individual elements attributes comprise call. The result simple yet general specify enforce e-services.
springer.com
sci-hub.se 参考文章(17)
Charlie Kindel, Nina Brown, Distributed Component Object Model Protocol -- DCOM/1.0 ,(1998)
E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, XML Access Control Systems: A Component-Based Approach Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions. pp. 39- 50 ,(2000) , 10.1007/0-306-47008-X_4
Ernesto Damiani, Sabrina De Capitani Di Vimercati, Stefano Paraboschi, Pierangela Samarati, None, Securing XML Documents extending database technology. pp. 121- 135 ,(2000) , 10.1007/3-540-46439-5_8
Pekka Nikander, Arto Karila, A java beans component architecture for cryptographic protocols usenix security symposium. pp. 8- 8 ,(1998)
Philip Karlton, Alan Freier, Paul Kocher, The SSL Protocol Version 3.0 draft-freier-ssl-version3-02.txt. ,(1996)
V. Vavadharajan, C. Crall, J. Pato, Authorization in enterprise-wide distributed system: a practical design and application annual computer security applications conference. pp. 178- 189 ,(1998) , 10.1109/CSAC.1998.738614
Piero Bonatti, Pierangela Samarati, Regulating service access and information release on the Web computer and communications security. pp. 134- 143 ,(2000) , 10.1145/352600.352620
Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati, Design and implementation of an access control processor for XML documents the web conference. ,vol. 33, pp. 59- 75 ,(2000) , 10.1016/S1389-1286(00)00053-0
S. Feldman, The Changing Face Of E-commerce: Extending The Boundaries Of The Possible IEEE Internet Computing. ,vol. 4, pp. 82- 83 ,(2000) , 10.1109/MIC.2000.845395
E. James Whitehead, World Wide Web distributed authoring and versioning (WebDAV): an introduction ACM Standardview. ,vol. 5, pp. 3- 8 ,(1997) , 10.1145/253452.253458