Minimal role mining method for Web service composition

• Published in: Frontiers of information technology & electronic engineering Vol. 11; no. 5; pp. 328 - 339
• Main Authors: Huang, Chao, Sun, Jian-ling, Wang, Xin-yu, Si, Yuan-jie
• Format: Journal Article
• Language: English
• Published: Heidelberg SP Zhejiang University Press 01.05.2010; Springer Nature B.V
• Subjects: Access control; Algorithms; Communications Engineering; Composition; Computer Hardware; Computer Science; Computer Systems Organization and Communication Networks; Electrical Engineering; Electronics and Microelectronics; Greedy algorithms; Instrumentation; Mapping; Networks; Web services; Access control policy; Web service security; Role base access control (RBAC); TP309; Role mapping; Web service composition; Role mining
• ISSN: 1869-1951; 2095-9184; 1869-196X; 2095-9230
• DOI: 10.1631/jzus.C0910186

Web service composition is a low cost and efficient way to leverage the existing resource and implementation. In current Web service composition implementations, the issue of how to define the role for a new composite Web service has been little addressed. Adjusting the access control policy for a new composite Web service always causes substantial administration overhead from the security administrator. Furthermore, the distributed nature of Web service based applications makes traditional role mining methods obsolete. In this paper, we analyze the minimal role mining problem for Web service composition, and prove that this problem is NP-complete. We propose a sub-optimal greedy algorithm based on the analysis of necessary role mapping for interoperation across multiple domains. Simulation shows the effectiveness of our algorithm, and compared to the existing methods, our algorithm has significant performance advantages. We also demonstrate the practical application of our method in a real agent based Web service system. The results show that our method could find the minimal role mapping efficiently.