Journal Article10.1109/MIC.2003.1250583
Model-driven trust negotiation for Web services
83
TL;DR: Trust-Serv is described, a trust negotiation framework for Web services, which features a policy language based on state machines that is supported by lifecycle management and automated runtime enforcement tools.
read more
Abstract: Trust negotiation is an approach to access control whereby access is granted based on trust established in a negotiation between the service requester and the service provider. Trust negotiation systems avoid several problems facing traditional access control models such as DAC (discretionary access control) and MAC (mandatory access control). Another problem is that Web service providers often do not know requesters identities in advance because of the ubiquitousness of services. We describe Trust-Serv, a trust negotiation framework for Web services, which features a policy language based on state machines. It is supported by lifecycle management and automated runtime enforcement tools. Credential retrieval and validation in Trust-Serv rely on predefined Web services that provide interactions with attribute assertion authorities and public key infrastructure.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
An integrated trust and reputation model for open multi-agent systems
TL;DR: Fire, a trust and reputation model that integrates a number of information sources to produce a comprehensive assessment of an agent’s likely performance in open systems, is presented and is shown to help agents gain better utility than their benchmarks.
Information retrieval on Turkish texts
TL;DR: It is shown that a simple word truncation approach, a word truncations approach that uses language-dependent corpus statistics, and an elaborate lemmatizer-based stemmer provide similar retrieval effectiveness in Turkish IR.
493
Web services composition: A decade's overview
TL;DR: The life cycle of Web services composition is overviews and the main standards, research prototypes, and platforms are surveyed using a set of assessment criteria identified in the article.
440
Trust in digital information
Kari Kelton,Kenneth R. Fleischmann,William A. Wallace +2 more
TL;DR: This study develops a model of trust in digital information, integrating behavioral and social sciences research with information quality and human-computer interaction, positioning trust as a key mediator between information quality and usage, with implications for producers and consumers.
232
Representing, analysing and managing web service protocols
Boualem Benatallah,Fabio Casati,Farouk Toumani +2 more
- 01 Sep 2006
TL;DR: This paper discusses the different ways in which the middleware can leverage protocol descriptions, and focuses in particular on the notions of protocol compatibility, equivalence, and replaceability.
216
References
Role-based access control models
TL;DR: Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understandRBAC is described, and the use of RBAC to manage itself is discussed.
6.1K
Access control: principle and practice
Ravi Sandhu,Pierangela Samarati +1 more
TL;DR: The access matrix model is reviewed and different approaches to implementing the access matrix in practical systems are described, followed with a discussion of access control policies commonly found in current systems, and a brief consideration ofAccess control administration.
1.5K
Unraveling the Web services web: an introduction to SOAP, WSDL, and UDDI
Francisco Curbera,Matthew J. Duftler,Rania Khalaf,William A. Nagy,Nirmal K. Mukhi,Sanjiva Weerawarana +5 more
TL;DR: This tutorial explores the most salient and stable specifications in each of the three major areas of the emerging Web services framework, which are the simple object access protocol, the Web Services Description Language and the Universal Description, Discovery, and Integration directory.
1.5K
A survey of trust in internet applications
Tyrone Grandison,Morris Sloman +1 more
TL;DR: This survey examines the various definitions of trust in the literature and provides a working definition of trust for Internet applications and some influential examples of trust management systems.
Internet X.509 Public Key Infrastructure Certificate and CRL Profile
Russ Housley,W. Ford,W. Polk,D. Solo +3 more
- 01 Jan 1999
TL;DR: In this article, the X.509 v3 certificate is described in detail, with additional information regarding the format and semantics of Internet name forms (e.g., IP addresses).
1.1K