Guarantee-Based Access Control

Abstract

New web technologies, such as the Semantic Web and the Social Web, have changed the way services and informationare accessed. These new technologies allow more usable and interoperable services to be realized. They help serviceproviders to reach more individuals. Automatic service discovery and invocation can also benefit from these technologies.Unfortunately, several threats to security, privacy, and trust come along with these benefits. For example, making services interoperable increases the chance of profiling individuals, which constitutes a privacy threat. Security measures, such as access control, should handle the potential threats of opening previously encapsulated web services.We present a new access-control model, guarantee-based access control (GBAC). The new model constructs certificates based on guarantees rather than attributes. These guarantees are then used as the basis for access-control decisions. The model also permits access rights to be based on a set of individuals in a particular structured relationship. Thus, GBAC resists threats to individuals’ privacy, such as profiling, whether access decisions are based on the participation of one or more individuals. Themodel suits the open nature of new web technologies.

DOI: 10.1109/CSE.2009.143

4 Figures and Tables

Cite this paper

@article{Hussain2009GuaranteeBasedAC, title={Guarantee-Based Access Control}, author={Mohammed Hussain and David B. Skillicorn}, journal={2009 International Conference on Computational Science and Engineering}, year={2009}, volume={3}, pages={201-206} }