ABAC Conceptual Graph Model For Composite Web Services

The Web service technology provides an environment in which heterogeneous components can collaborate together to achieve a common goal. However, the opening of Web services on the Internet is still subject to security vulnerability. The increased awareness of the importance of security in composite Web services has made access control a relevant component. In recent years, Attribute Based Access Control (ABAC) is an emerging paradigm that has been studied, the latter allows the creation of access policies based on the attributes of the users, the objects and the environment. In this paper, an intuitive graphical access control model for composite web services based on conceptual graph is proposed. The proposed model allows the formalization of all ABAC attributes on conceptual graph, and the security process is also performed by the conceptual graph operations. On the one hand, the proposed model provides an intuitive tool to help the providers of Web service to manage their access control policies. On the other hand, the model makes a step towards in the development of access control models based on formal model.