Resource classification based negotiation in web services

Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security

Volumn , Issue , 2007, Pages 313-318

  Haidar, Diala Abi ^a,b   Cuppens, Nora ^b   Cuppens, Frédéric ^b   Debar, Hervé ^a  

^a ORANGE LABS   (France)

^b ECOLE DES MINES DE NANTES   (France)

Author keywords

Access control; Interoperability; Negotiation; Trust

Indexed keywords

INFORMATION SERVICES;

(E ,3E) PROCESS; GAINING ACCESS; INFORMATION ASSURANCE AND SECURITY (IAS); NEGOTIATION POLICIES; NEGOTIATION PROCESSES; RESOURCE CLASSIFICATION; SECURITY DOMAINS; STATE BASED; TRUST ESTABLISHMENT;

CLASSIFICATION (OF INFORMATION);

EID: 46749116030     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IAS.2007.54     Document Type: Conference Paper

References (19)

1. eXtensible Access Control Markup Language (XACML) Version 2. Standard, OASIS, February 2005.
2. Web Services Security: Key Industry Standards and Emerging Specifications Used for Securing Web Services. White Paper, Computer Associates, January 2005.
3. D. Fensel and C. Bussler. The Web Service Modeling Framework WSMF. Submitted for Electronic Commerce Research and Applications, 2002.
4. E. Bertino, A. C. Squicciarini, I. Paloscia, and L. Martino. Ws-AC: A Fine Grained Access Control System for Web Services. World Wide Web, 9(2):143-171, September 2005.
5. R. Bhatti, E. Bertino, A. Ghafoor, and J. B. Joshi. XML-Based Specification for Web Services Document Security. IEEE Computer Society, 37(4):41-49, April 2004.
6. F. Cuppens, N. Cuppens-Boulahia, and C. Coma. 020: Virtual Private Organizations to Manage Security Policy Interoperability. In ICISS, pages 101-115, 2006.
7. F. Cuppens and A. Gabillon. Cover story management. Data Knowl. Eng., 37(2):177-201, 2001.
8. G. Yee and L. Korba. Negotiated Security Policies for E-Services and Web Services. In 2005 IEEE International Conference on Web Services (ICWS), July 2005.
9. V. D. Gligor, H. Khurana, R. K. Koleva, V. G. Bharadwaj, and J. S. Baras. On the Negotiation of Access Control Policies. Lecture Notes In Computer Science, 2001.
10. Martin Naedele. Standards for XML and Web services security. Computer, 36(4):96-98, April 2003.
11. Y. Nakamur, S. Hada, and R. Neyama. Towards the Integration of Web Services Security on Enterprise Environments. In 2002 Symposium on Applications and the Internet (SAINT'02w), 2002.
12. L. Olson, M. Winslett, G. Tonti, N. Seeley, A. Uszok, and J. Bradshaw. Trust Negotiation as an Authorization Service forWeb Services. 22nd International Conference on Data Engineering Workshops (ICDEW'06), April 2006.
13. T. Ryutov, L. Zhou, C. Neuman, T. Leithead, and K. Seamons. Adaptive trust negotiation and access control. Tenth ACM symposium on Access control models and technologies, pages 139-146, 2005.
14. K. Seamons, M. Winslett, and T. Yu. Limiting the Disclosure of Access Control Policies During Automated Trust Negotiation. In Network and Distributed System Security Symposium, San Diego, CA, April 2001.
15. K. Seamons, M. Winslett, T. Yu, T. Chan, E. Child, M. Halcrow, A. Hess, J. Holt, J. Jacobson, R. Jarvis, A. Patty, B. Smith, T. Sundelin, and L. Yu. Trust Negotiation in Dynamic Coalitions. DARPA Information Survivability Conference and Exposition (DISCEX'03), 2:240-245, April 2003.
16. B. Smith, K. Seamons, and M. Jones. Responding to policies at runtime in TrustBuilder. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'04), pages 149-158, June 2004.
17. M. Winslett, T. Yu, K. Seamons, A. Hess, J. Jacobson, R. Jarvis, B. Smith, and L. Yu. Negotiating trust in the Web. Internet Computing, IEEE, 6(6):30-37, November 2002.
18. T. Yu, M. Winslett, and K. E. Seamons. Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Transactions on Information and System Security (TISSEC), 6(1):1-42, February 2003.
19. E. Yuan and J. Tong. Attribute based access control (ABAC): a new access control approach for service oriented architectures. Ottawa New Challenges for Access Control Workshop, April 2005.