Proceedings Article10.1109/ICWS.2008.23
Enhancing Security Modeling for Web Services Using Delegation and Pass-On
Wei She,I-Ling Yen,Bhavani Thuraisingham +2 more
- 23 Sep 2008
- pp 545-552
38
TL;DR: This paper proposes an enhanced security model to facilitate the control of information flow through service chains that extends the basic security models by introducing the concepts of delegation and pass-on.
read more
Abstract: In recent years, the issues in web service security have been widely investigated and various security standards have been proposed But most of these studies and standards focus on the access control policies for individual web services and do not consider the access issues in composed services Consider a simple service chain where service s1 accesses s2, and s2, in turn, accesses service s3 The information returned from s3 to s2 may be used to compute some results that are further returned to s1 The current web service security framework does not provide any mechanisms to control such an information flow, and hence, sensitive information may be leaked to s1 without the consensus of s3 In this paper, we propose an enhanced security model to facilitate the control of information flow through service chains It extends the basic security models by introducing the concepts of delegation and pass-on Based on these concepts, new certificates, certificate chain, delegation and pass-on policies, and how they are used to control the information flow are discussed
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
USDL: A Service-Semantics Description Language for Automatic Service Discovery and Composition
TL;DR: An infrastructure using USDL (Universal Service-Semantics Description Language), a language for formally describing the semantics of Web services, which can be regarded as formal service documentation that will allow sophisticated conceptual modeling and searching of available Web Services, automated service composition, and other forms of automated service integration.
46
Patent
Managing data handling policies
Daniel J. Guinan
- 15 Mar 2013
TL;DR: In this article, the authors present a method, computer usable program product or system for automatically sharing a set of sensitive data in accordance with a setof predetermined policy requirements including receiving across a network a certified policy commitment for a node, authenticating the set of certified policy commitments; and upon a positive determination, transmitting across the network the sensitive data to the node.
38
Enhancing Security Modeling for Web Services Using Delegation and Pass-On
TL;DR: An enhanced security model to control the information flow in service chains is proposed by extending the basic web service security models by introducing the concepts of delegation and pass-on.
21
Behavioral Attestation for Business Processes
Masoom Alam,Mohammad Nauman,Xinwen Zhang,Tamleek Ali,Patrick C. K. Hung +4 more
- 06 Jul 2009
TL;DR: This paper has three objectives: firstly, the behavior of individual services in a business process is formally specified, and in order to overcome the inherent weaknesses of trust management through software alone, a hardware root of-trust devised by the TCG, is used for the measurement of the Behavior of Individual services inA business process.
References
The UCONABC usage control model
Jaehong Park,Ravi Sandhu +1 more
TL;DR: This paper introduces the family of UCONABC models for usage control (UCON), which integrate Authorizations, oBligations, and Conditions (C), and addresses the essence of U CON, leaving administration, delegation, and other important but second-order issues for later work.
Distributed access-rights management with delegation certificates
Tuomas Aura
- 01 Jun 2001
TL;DR: The basic idea of delegation certificates in abstract terms is explained and their advantages and limitations are discussed and decentralization of authority and operations is emphasized.
92
Model-driven trust negotiation for Web services
TL;DR: Trust-Serv is described, a trust negotiation framework for Web services, which features a policy language based on state machines that is supported by lifecycle management and automated runtime enforcement tools.
84
Extending the security assertion markup language to support delegation for Web services and grid services
Jun Wang,D. Del Vecchio,Marty Humphrey +2 more
- 11 Jul 2005
TL;DR: A set of verification rules for delegation tokens that rely on WS-Security X.509 signatures, but do not force any trust relationship between the delegatee and the target service, make it easier for Grid practitioners to build and consume Web and grid services without resorting to grid-specific protocols.
81
•Book
Web Services Research for Emerging Applications: Discoveries and Trends
Liang-Jie Zhang
- 09 Feb 2010
TL;DR: Web Services Research for Emerging Applications: Discoveries and Trends provides a comprehensive assessment of the latest developments in Web services, with chapters focused on composing and coordinating Web services and the design and development of Service Oriented Architectures.
51
Related Papers (5)
Wei She,Bhavani Thuraisingham,I-Ling Yen +2 more
- 14 Nov 2007
Carlos Gutiérrez,Eduardo Fernández-Medina,Mario Piattini +2 more
- 18 Sep 2006
Wenjun Zhang
- 02 Apr 2010