2013 IEEE 20th International Conference on Web Services (2006)
Chicago, Illinois, USA
Sept. 18, 2006 to Sept. 22, 2006
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICWS.2006.14
Hong MEI , Peking University, Beijing
Minghui ZHOU , Peking University, Beijing
In the service-oriented architecture, the components deployed on application servers are published as web services. Though many researches focus on how to authorize at the web service level currently, there is little work involving the authorization gap between the service and its component implementation. This paper tries to bridge the gap by proposing a service-oriented trust management model, which expands the application server?s capability to deal with more complex trust relationship between service users and services, and supplies a flexible trust management mechanism to integrate authentication and authorization together. Moreover, the model provides a finer granularity access control, sustains delegation between users, and has a certain extent reasoning capability. The model has been implemented in a J2EE application server, and the experiment has demonstrated that the model has high flexibility and scalability.
Hong MEI, Minghui ZHOU, "A Service-Oriented Trust Management Model on Application Server", 2013 IEEE 20th International Conference on Web Services, vol. 00, no. , pp. 170-177, 2006, doi:10.1109/ICWS.2006.14