The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.02 - February (2009 vol.42)
pp: 54-61
Halvard Skogsrud , ThoughtWorks
Hamid R. Motahari-Nezhad , University of New South Wales
Boualem Benatallah , University of New South Wales
Fabio Casati , University of Trento
ABSTRACT
As Web services become more widely adopted, developers must cope with the complexity of evolving trust negotiation policies spanning numerous autonomous services. The Trust-Serv framework uses a state-machine-based modeling approach that supports life-cycle policy management and automated enforcement.
INDEX TERMS
security, privacy, trust negotiation, Web services, software engineering, trust management
CITATION
Halvard Skogsrud, Hamid R. Motahari-Nezhad, Boualem Benatallah, Fabio Casati, "Modeling Trust Negotiation for Web Services", Computer, vol.42, no. 2, pp. 54-61, February 2009, doi:10.1109/MC.2009.56
REFERENCES
1. A. Herzberg et al., "Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers," Proc. 2000 IEEE Symp. Security and Privacy (SP 00), IEEE CS Press, 2000, pp. 2-14.
2. T. Grandison and M. Sloman, "A Survey of Trust in Internet Applications," IEEE Comm. Surveys &Tutorials, Oct. 2000, pp. 2-16.
3. E. Bertino, E. Ferrari, and A.C. Squicciarini, "Trust-X: A Peer-to-Peer Framework for Trust Establishment," IEEE Trans. Knowledge and Data Sharing, July 2004, pp. 827-842.
4. T. Yu, M. Winslett, and K.E. Seamons, "Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies for Automated Trust Negotiation," ACM Trans. Information and System Security, Feb. 2003, pp. 1-42.
5. M. Winslett et al., "Negotiating Trust on the Web," IEEE Internet Computing, Nov./Dec. 2002, pp. 30-37.
6. K.E. Seamons, M. Winslett, and T. Yu, "Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation," Proc. 2001 Network and Distributed System Security Symp. (NDSS 01), Internet Society, 2001; www.isoc.org/isoc/conferences/ndss/01/papers seamons.pdf.
7. H. Skogsrud, B. Benatallah, and F. Casati, "Trust-Serv: Model-Driven Lifecycle Management of Trust Negotiation Policies for Web Services," Proc. 13th Int'l Conf. World Wide Web (WWW 04), ACM Press, 2004, pp. 53-62.
8. E. Bertino, E. Ferrari, and A.C. Squicciarini, "Privacy-Preserving Trust Negotiations," Privacy Enhancing Technologies, LNCS 3424, Springer, 2004, pp. 283-301.
9. H. Skogsrud, B. Benatallah, and F. Casati, "Model-Driven Trust Negotiation for Web Services," IEEE Internet Computing, Nov./Dec. 2003, pp. 42-52.
10. H. Skogsrud et al., "Managing Impacts of Security Protocol Changes in Service-Oriented Applications," Proc. 29th Int'l Conf. Software Engineering (ICSE 07), IEEE CS Press, 2007, pp. 468-477.
11. D.F. Ferraiolo et al., "Proposed NIST Standard for Role-Based Access Control," ACM Trans. Information and System Security, Aug. 2001, pp. 224-274.
12. H. Skogsrud et al., "Trust-Serv: A Lightweight Trust Negotiation Service," Proc. 30th Int'l Conf. Very Large Databases (VLDB 04), VLDB Endowment, 2004, pp. 1329-1332.
13. J. Rees et al., "PFIRES: A Policy Framework for Information Security," Comm. ACM, July 2003, pp. 101-106.
14. D. Basin, J. Doser, and T. Lodderstedt, "Model Driven Security: From UML Models to Access Control Infrastructures," ACM Trans. Software Eng. and Methodology, Jan. 2006, pp. 39-91.
3 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool