Study on Policy-based Access Control for Web Services
基于策略的Web服务访问控制研究

Access control to resources is one of the most important requirements to be satisfied in open,heterogeneous Web service environment.A Policy-Based Access Control(PABC)model is proposed,and PBAC is compared with Role-Based Access Control(RABC).The requeirements for policy language and policy management architecture in PBAC are analyzed.Based on eXtensible access control language(XACML)and attribute-based access control(ABAC)model,a policy-based access control approach is proposed in this paper.This approach satisfies the requirements of the interoperability,flexibility and scalability to the Web service environment.In the end,senmantic policy language is prospected.