Business process access control mechanism is a difficult problem in composite web services security applications.Considering the deficiency in current researches,an Activity Authorization Based Dynamic Access Control Model for BPEL4WS (AACBP)is proposed.By dissolving the coupling relationship between the organization model and the business process model,AACBP utilizes activity authorization as the basic unit to implement BPEL4WS access control.Through the activity instances,the model implements fine-gained access control of the activities,and realizes the synchronization of authorization and business process execution.At last,the paper also describes the implementa-tion architecture of AACBP model in web services secure composition.%业务流程访问控制机制是组合Web服务安全应用中的难点问题。针对现有研究不足,提出基于活动授权的Web服务业务流程动态访问控制模型AACBP(Activity Authorization Based Dynamic Access Control Model for BPEL4WS)。通过解除组织模型和业务流程模型间的耦合关系,AACBP将活动授权作为BPEL4WS(Business Process Expression Language for Web Services)活动访问控制实施的基本单元。依据活动实例动态感知上下文,AACBP细粒度约束活动访问授权,实现授权流与业务流程执行同步。最后给出AACBP模型在Web服务安全组合中的实施机制。
展开▼
