Open Access Open Access  Restricted Access Subscription or Fee Access

Security Over Web Services Using Evidence Based Access Control

E. S. Shameem Sulthana, Dr. S. Kanmani


This work focus on using evidence for making access control decisions in present computing environments. These environments create new interaction scenarios that traditional access control approaches handle poorly. This approach views access control as the filtering of messages between communicating services. This work implements the evidence-based approach with a mechanism analogous to a network firewall, filtering messages going to and from a service.
The main goal of this work is it supports communication between parties in different trust domains, allow evidence associated with parties to be securely collected and evaluated for the purpose of allowing access to resources, create an ecosystem in which evidence providers can flourish.
This will describe the design of the evidence-based access models; discuss usage scenarios, and present preliminary results.
The results suggest that this approach is flexible enough to accommodate interesting present computing scenarios and efficient enough to implement on small devices.


Access Control, Evidence, Firewall, Security, Web Services.

Full Text:



Nishith Khantal , Johannes Helander ,Benjamin G. Zorn, Oscar Almeida, Evidence-Based Access Control for Ubiquitous Web Services, Web 2.0 Security and Privacy 2008 Workshop, May 2008, Oakland, CA.

Johannes Helander and Benjamin Zorn. Medina: Combining evidence to build trust. In Proceedings of the Workshop on Web 2.0 Security and Privacy 2007 (W2SP'07), May 2007.

Hei D.D. and Yang, J., Security Policy Specification and Integration in Business Collaboration. Proc. of IEEE International Conference on Service Computing, 2007, pp. 20--27.

Srivatsa, M., Iyengar, A., Mikalsen, T., Rouvellou I. and Yin, J., An Access Control System for Web Service Compositions. Proc. of IEEE International Conference on Web Services, 2007, pp. 1—8.

M.P.Oo, N.L.Thein, T.T.Naing , “Grid Security Framework for Managing the Certificate” Proceedings of the 2006 IEEE/WIC/ACM International Conference on Web Intelligence, p-166.

M.P.Oo and T.T.Naing , “Controlling Certificate to Authenticate Grid Users”, Proceeding of the International Conbference on Internet Information Retrieval , Hankuk Aviation University of Korea, 2006.

M. Paletta, and P. Herrero, “Banking Frauds: An Agents-Based Training Framework to Follow-up the Swindlers Learning Process”, Special Issue of International Transactions on Systems Science and Applications, Vol.3, No. 2, (2007) (to be published).

Zhaoyu Liu and Daoxi Xiu. Agent-based automated trust negotiation for pervasive computing. In Proceedings of the International Conference on Embedded Software and Systems (ICESS'05). IEEE, December 2005.

N. K. Ratha, J. H. Connell, and R. M. Bolle. Enhancing security and privacy in biometrics-based authentication systems. IBM Sys. Journal,40(3):614 - 634, 2007.

Y. Adini, Y. Moses, and S. Ullman, “Face recognition: the problem of compensating for changes in illumination direction,” IEEE Trans.Pattern Anal. Machine Intell. vol. 19, pp. 721–732, July 2007.

Jacques Thomas, Federica Paci, Elisa Bertino, and Patrick Eugster,“User Tasks and Access Control overWeb Services”, Journal of IEEE 2007 IEEE International Conference on Web Services (ICWS 2007)0-7695-2924-0/07.

Genevieve Bell , Paul Dourish ,” Yesterday’s tomorrows: notes on ubiquitous computing’s dominant vision “, Received: 31 August 2005 / Accepted: 25 April 2006 / Published online: 22 November 2006.

Springer-Verlag London Limited 2006Pers Ubiquit Comput (2007) 11:133–143 ,DOI 10.1007/s00779-006-0071-x.

K. Truong, G. Abowd, and J. Brotherton, “Who, what, when, where,how: Design issues of capture & access applications,” in Proceedings of the Third International Conference on Ubiquitous Computing, 2001, pp.209–224.


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.