UCSC Digital Library >
Infomation Security Masters >
Master of Science in Information Security - 2014 >
Please use this identifier to cite or link to this item:
|Title: ||Access Control for RESTful Web Services|
|Authors: ||Jayaweera, R.D.|
|Issue Date: ||23-May-2014|
|Abstract: ||Web services is the prominent methodology of communicating data over network. A web
service accepts an XML based or JSON based request and return a response according to the
request. RESTful form of web services is a mechanism of exchanging data in compliance with
HTTP protocol. These services may or may not supply confidential information.
Information security has three main aspects – Confidentiality, Integrity and Availability. The
data services which give out potentially secretive information need to be secure from any
unauthorized access. These services can be restricted to a user, a group of users, based on time,
This study is about defining and implementing an extensible access control framework for
RESTful web services. There are quite a number of security frameworks that provide access
control systems in the market. But none of them can be connected to authorize a RESTful web
service out of the box.
This framework should be able to connect to any authentication, authorization and accounting
service. This study will further benchmark the new access control framework's performance in
order to position it with the other access control systems in the market.|
|Appears in Collections:||Master of Science in Information Security - 2014|
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.