Abstract:
Web Services are designed to provide easier B2B
integration among enterprises. UDDI defines a standard
way for businesses to list their services and discover each
other on the Internet. Due to security concerns
organizations prefer to build their own private UDDI
registries in their corporate network, which are only
accessible by invited business partners. Since an
organization may only want the right business partners to
see only the right service information they have
permission to see, access control mechanisms inside the
private registry are desirable. Hence in this paper we
propose a role-based access control model in private
UDDI registries to help achieve information
confidentiality inside corporate registries. Based on
XACML, the model exploits XML’s own ability to build
access control in a UDDI registry.
