期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2014
卷号:64
期号:2
出版社:Journal of Theoretical and Applied
摘要:With the increasing tendency among business organizations to move around the web services platform, Web services paradigm creates new security challenges which can only be realized by developing effective access control models. Now a day service provider�s big challenge is detecting and preventing malicious requesters or behaviours. In order to evade malicious requesters or behaviors, the service providers who allows service requester to access the web services, requires development of access control models that can capture relevant information about a service requester at the time of access request and incorporate this information for making effective access control decisions. This proposed system provides an enhanced approach to detect and prevent IP address spoofing, SQL injection to avoid unauthorized users and capture relevant information such as network conditions, frequency of access, timeout, success rate, failure rate etc., about a service requester and establish trust value. Based on the trust value the honest and active users will be allowed to access the service otherwise their trust value will be decreased and not be allowed to access the service. So this method would control malicious requesters to access the web services and make the authorization process effective. This paper also compares existing system and proposed system and verifies the performance and correctness of the proposed work based on simulation results from a prototype implementation.
关键词:Web Services; Trust based Access Control; Access model for service requester; Trust Authorization Model
