Article

Trust-serv: model-driven lifecycle management of trust negotiation policies for web services

Authors:

Halvard Skogsrud,

Boualem Benatallah,

Fabio CasatiAuthors Info & Claims

WWW '04: Proceedings of the 13th international conference on World Wide Web

Pages 53 - 62

https://doi.org/10.1145/988672.988680

Published: 17 May 2004 Publication History

Abstract

A scalable approach to trust negotiation is required in Web service environments that have large and dynamic requester populations. We introduce Trust-Serv, a model-driven trust negotiation framework for Web services. The framework employs a model for trust negotiation that is based on state machines, extended with security abstractions. Our policy model supports lifecycle management, an important trait in the dynamic environments that characterize Web services. In particular, we provide a set of change operations to modify policies, and migration strategies that permit ongoing negotiations to be migrated to new policies without being disrupted. Experimental results show the performance benefit of these strategies. The proposed approach has been implemented as a container-centric mechanism that is transparent to the Web services and to the developers of Web services, simplifying Web service development and management as well as enabling scalable deployments.

References

[1]

B. Benatallah, Q. Z. Sheng, and M. Dumas. The Self-Serv Environment for Web Services Composition. IEEE Internet Computing, 7(1):40--48, Jan./Feb. 2003.

Digital Library

[2]

E. Bertino, E. Ferrari, and V. Atluri. The Specification and Enforcement of Authorization Constraints in Workflow Management Systems. ACM Trans. Information and System Security (TISSEC), 2(1):65--104, Feb. 2002.

Digital Library

[3]

E. Bertino, E. Ferrari, and A. C. Squicciarini. 967;TNL: An XML-based Language for Trust Negotiations. In Proc. 4th Int'l. Workshop Policies for Distributed Systems and Networks (POLICY'03), June 2003.

Digital Library

[4]

C. Bettini et al. Provisions and Obligations in Policy Management and Security Applications. In Proc. 28th Conf. Very Large Data Bases (VLDB '02), Aug. 2002.

Digital Library

[5]

P. Bonatti and P. Samarati. A Unified Framework for Regulating Access and Information Release on the Web. J. Computer Security, 10(3):241--272, 2002.

Digital Library

[6]

F. Casati et al. Workflow Evolution. Data and Knowledge Eng., 24(3):211--238, Jan. 1998.

Digital Library

[7]

F. Curbera et al. Unraveling the Web Services Web: An Introduction to SOAP, WSDL, and UDDI. IEEE Internet Computing, 6(2):86--93, Mar./Apr. 2002.

Digital Library

[8]

D. Ferraiolo et al. Proposed NIST Standard for Role-Based Access Control. ACM Trans. Information and System Security (TISSEC), 4(3):224--274, Aug. 2001.

Digital Library

[9]

T. Grandison and M. Sloman. A Survey of Trust in Internet Applications. IEEE Comm. Surveys & Tutorials, 3(4), 2000.

Digital Library

[10]

A. Herzberg et al. Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers. In Proc. IEEE Symp. Security and Privacy, May 2000.

Digital Library

[11]

R. Housley et al. Internet X.509 Public Key Infrastructure Certificate and CRL Profile. IETF RFC 2459, Jan. 1999.

Digital Library

[12]

N. Li and J. Mitchell. RT: A Role-based Trust-management Framework. In Proc. 3rd DARPA Information Survivability Conf. and Exposition (DISCEX '03), Apr. 2003.

Digital Library

[13]

C.-T. Liu, S.-K. Chang, and P. Chrysanthis. Database schema evolution using EVER diagrams. In Proc. ACM Workshop Advanced Visual Interfaces (AVI '94), June 1994.

Digital Library

[14]

J. Rees, S. Bandyopadhyay, and E. H. Spafford. PFIRES: A Policy Framework for Information Security. Comm. ACM, 46(7):101--106, July 2003.

Digital Library

[15]

H. Skogsrud, B. Benatallah, and F. Casati. Model-Driven Trust Negotiation for Web Services. IEEE Internet Computing, 7(6):45--52, Nov./Dec. 2003.

Digital Library

[16]

S. Thatte, ed. Business Process Execution Language for Web Services (BPEL4WS), Version 1.1. www-106.ibm.com/ developerworks/library/ws-bpel, May 2003.

[17]

T. Yu, M. Winslett, and K. Seamons. Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies for Automated Trust Negotiation. ACM Trans. Information and System Security (TISSEC), 6(1), Feb. 2003.

Digital Library

Cited By

Noor TSheng QMaamar ZZeadally S(2016)Managing Trust in the CloudComputer10.1109/MC.2016.5749:2(34-45)Online publication date: 1-Feb-2016
https://dl.acm.org/doi/10.1109/MC.2016.57
Joshi KPearce C(2015)Automating Cloud Service Level Agreements Using Semantic TechnologiesProceedings of the 2015 IEEE International Conference on Cloud Engineering10.1109/IC2E.2015.63(416-421)Online publication date: 9-Mar-2015
https://dl.acm.org/doi/10.1109/IC2E.2015.63
Barkaoui KEslamichalandar M(2014)Software Architecture: Service Adaptation Techniques in the Context of Web Services CompositionSoftware Architecture 110.1002/9781118930960.ch6(211-240)Online publication date: 8-May-2014
https://doi.org/10.1002/9781118930960.ch6
Show More Cited By

Index Terms

Trust-serv: model-driven lifecycle management of trust negotiation policies for web services

Recommendations

A trust negotiation system for digital library Web services

A scalable approach to trust negotiation is required in digital library (DL) environments that have large and dynamic user populations. In this paper we introduce Trust-Serv, a model-driven trust negotiation framework for Web services, and show how it ...
Modeling Trust Negotiation for Web Services

As Web services become more widely adopted, developers must cope with the complexity of evolving trust negotiation policies spanning numerous autonomous services. The Trust-Serv framework uses a state-machine-based modeling approach that supports life-...
Policy migration for sensitive credentials in trust negotiation
WPES '03: Proceedings of the 2003 ACM workshop on Privacy in the electronic society

Trust negotiation is an approach to establishing trust between strangers through the bilateral, iterative disclosure of digital credentials. Under automated trust negotiation, access control policies are associated with sensitive credentials to control ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WWW '04: Proceedings of the 13th international conference on World Wide Web

May 2004

754 pages

ISBN:158113844X

DOI:10.1145/988672

Conference Chairs:
Stuart Feldman
IBM Research
,
Mike Uretsky
New York University
,
Program Chairs:
Marc Najork
Microsoft Research
,
Craig Wills
Worcester Polytechnic Institute

Copyright © 2004 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

ACM: Association for Computing Machinery

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 May 2004

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

WWW04

Sponsor:

ACM

WWW04: The 2004 World Wide Web Conference ( in conjunction with ACM Conference on Electronic Commerce [EC'04])

May 17 - 20, 2004

NY, New York, USA

Acceptance Rates

Overall Acceptance Rate 1,899 of 8,196 submissions, 23%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

28
Total Citations
View Citations
1,788
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 20 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Noor TSheng QMaamar ZZeadally S(2016)Managing Trust in the CloudComputer10.1109/MC.2016.5749:2(34-45)Online publication date: 1-Feb-2016
https://dl.acm.org/doi/10.1109/MC.2016.57
Joshi KPearce C(2015)Automating Cloud Service Level Agreements Using Semantic TechnologiesProceedings of the 2015 IEEE International Conference on Cloud Engineering10.1109/IC2E.2015.63(416-421)Online publication date: 9-Mar-2015
https://dl.acm.org/doi/10.1109/IC2E.2015.63
Barkaoui KEslamichalandar M(2014)Software Architecture: Service Adaptation Techniques in the Context of Web Services CompositionSoftware Architecture 110.1002/9781118930960.ch6(211-240)Online publication date: 8-May-2014
https://doi.org/10.1002/9781118930960.ch6
Kritikos KPernici BPlebani PCappiello CComuzzi MBenrernou SBrandic IKertész AParkin MCarro M(2013)A survey on service quality descriptionACM Computing Surveys10.1145/2522968.252296946:1(1-58)Online publication date: 11-Jul-2013
https://dl.acm.org/doi/10.1145/2522968.2522969
Peng DXiu DLiu Z(2012)Agent-Based Automated Trust Negotiation and Management for Pervasive ComputingHandbook on Mobile and Ubiquitous Computing10.1201/b13081-17(313-328)Online publication date: 17-Dec-2012
https://doi.org/10.1201/b13081-17
Li JStephenson BMotahari-Nezhad HSinghal S(2011)GEODACIEEE Transactions on Services Computing10.1109/TSC.2010.534:4(340-354)Online publication date: 1-Oct-2011
https://dl.acm.org/doi/10.1109/TSC.2010.53
Zhao WVaradharajan V(2010)An Approach to Unified Trust Management FrameworkCollaborative Computer Security and Trust Management10.4018/978-1-60566-414-9.ch006(111-134)Online publication date: 2010
https://doi.org/10.4018/978-1-60566-414-9.ch006
Shih-Chien Chou (2010)Dynamically preventing information leakage for web services using lattice5th International Conference on Computer Sciences and Convergence Information Technology10.1109/ICCIT.2010.5711112(527-532)Online publication date: Nov-2010
https://doi.org/10.1109/ICCIT.2010.5711112
Benbernou SBrandic ICappiello CCarro MComuzzi MKertész AKritikos KParkin MPernici BPlebani P(2010)Modeling and Negotiating Service QualityService Research Challenges and Solutions for the Future Internet10.1007/978-3-642-17599-2_6(157-208)Online publication date: 2010
https://doi.org/10.1007/978-3-642-17599-2_6
He DYang J(2009)Authorization control in collaborative healthcare systemsJournal of Theoretical and Applied Electronic Commerce Research10.5555/1807522.18075304:2(88-109)Online publication date: 1-Aug-2009
https://dl.acm.org/doi/10.5555/1807522.1807530
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents