• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2006, Vol. 28 ›› Issue (12): 22-23.

• 论文 • Previous Articles     Next Articles

  

  • Online:2006-12-01 Published:2010-05-20

Abstract:

In Web services, the traditional role-based access control model cannot implement content-based and contextbased access control policies flexibly, h cannot meet the demands of Web Services agent's dynamic and temporary features and Web services' context and content sensitivity. We propose a role-and agent-based access control model (ARBAC). In the ARBAC model, the access controoller of the Web services' agent will produce an agent entity which is used to replace the user(subject). The agent entity is a temporary and fictitious subject whose permission is limited  by the permission of the user and whose life cycle is within one requisition.

Key words: Web services, agent, agent entity, RBAC, ARBAC