Privacy protection for role-based access control in service oriented architecture

Service Oriented Architecture (SOA) changes the way of conducting business by opening their services/information to the larger business world over the networks. However, properties of "open" and "interoperable" of SOA make privacy security a sensitive issue since this architecture combines unknown individuals and individuals systems together. In SOA, service providers limit the permission of access to specific authorized individuals only, so they have to verify these individuals' identity information to decide if permission should be granted or not. On the other hand, access requestors are not willing to disclose their privacy in an open system to unknown parties. In this thesis, we present cryptography-based protocols to solve this issue of conflict. Our protocols are proposed for Role-Based Access Control (RBAC), which is a most popular access control methodology, in SOA environment. In addition, our protocols are compatible with current SOA standards and technologies such as XACML and SOAP.