Trust Negotiation as an Authorization Service forWeb Services

ICDEW 2006 - Proceedings of the 22nd International Conference on Data Engineering Workshops

Volumn , Issue , 2006, Pages

  Olson, Lars ^a   Winslett, Marianne ^a   Tonti, Gianluca ^b   Seeley, Nathan ^c   Uszok, Andrzej ^d   Bradshaw, Jeffrey ^d  

^a UNIVERSITY OF ILLINOIS AT URBANA CHAMPAIGN   (United States)

^b UNIVERSITY OF BOLOGNA   (Italy)

^c BRIGHAM YOUNG UNIVERSITY   (United States)

^d INSTITUTE FOR HUMAN AND MACHINE COGNITION   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

SCALABILITY; TECHNICAL PRESENTATIONS; WEBSITES;

AUTHORIZATION SERVICES; AUTHORIZATION SYSTEMS; AUTHORIZED USERS; COMPUTING ENVIRONMENTS; RUNTIME SYSTEMS; SCALABLE METHODS; STOCK TRADING; TRUST NEGOTIATIONS;

WEB SERVICES;

EID: 79956107600     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICDEW.2006.154     Document Type: Conference Paper

References (23)

1. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis, "The KeyNote Trust Management System, " IETF RFC 2704, September 1999.
2. M. Becker and P. Sewell, "Cassandra: Distributed Access Control Policies with Tunable Expressiveness, " IEEE Workshop on Policies for Distributed Systems and Networks, June 2004.
3. E. Bertino, E. Ferrari, and A. Squicciarini, "Trust-X: A Peerto- Peer Framework for Trust Establishment, " IEEE TKDE, July 2004, pp. 827-842.
4. R. Bhatti, E. Bertino, and A. Ghafoor, "A Trust-based Context-Aware Access Control Model for Web-Services, " IEEE Intl. Conf. on Web Services, June 2004.
5. E. Damiani, S. di Vimercati, and P. Samarati, "Towards Securing XML Web Services, " ACM Workshop on XML Security, November 2002.
6. C. Ellison, B. Franz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen, "RFC 2693: SPKI Certifi cate Theory, " http://www.faqs.org/frcs/rfc2693.html.
7. C. Gunter and T. Jim, "Policy-Directed Certifi cate Retrieval, " Software Practice and Experience, 2000.
8. A. Hess, J. Jacobson, H. Mills, R. Wamsley, K. E. Seamons, and B. Smith, "Advanced Client/Server Authentication in TLS, " Network and Dist. System Security Symp., February 2002.
9. "idemix: pseudonymity for e-Transactions, " http://www.zurich.ibm.com/security/idemix.
10. T. Jim, "SD3: A Trust Management System with Certified Evaluation, " IEEE Symp. on Security and Privacy, May 2001.
11. H. Koshutanski and F. Massacci, "Interactive Credential Negotiation for Stateful Business Processes, " Proc. Intl. Conf. on Trust Management (iTrust), May 2005.
12. H. Kung, F. Zhu, and M. Iansiti, "A Stateless Network Architecture for Inter-enterprise Authentication, Authorization and Accounting, " Intl. Conf. on Web Services, June 2003.
13. A. Lee, Traust: A Trust Negotiation Based Authorization Service for Open Systems, M.S. thesis, University of Illinois at Urbana-Champaign, August 2005.
14. M. Lehmann, "Developer Web Services: Creating Web Services, Part 2, " Oracle Magazine, March/April 2004.
15. J. Li, N. Li, and W. Winsborough, "Automated Trust Negotiation Using Cryptographic Credentials, " ACM Conf. on Computer and Communications Security, November 2005.
16. W. Nejdl, D. Olmedilla, and M. Winslett, "Peer Trust: Automated Trust Negotiation for Peers on the Semantic Web, " Secure Data Management Workshop, 118-132, 2004.
17. T. Ryutov, L. Zhou, C. Neuman, T. Leithead, and K. E. Seamons, "Adaptive Trust Negotiation and Access Control, " ACM SACMAT, June 2005.
18. Shibboleth Architecture Technical Overview, Internet2 Working Draft, 8 June 2005, http://shibboleth.internet2.edu/docs/draft-mace-shibbolethtech-overview-latest.pdf.
19. SOAP Security Extensions: Digital Signature, W3C Note, 6 February 2001, http://www.w3.org/TR/2001/NOTE-SOAPdsig-20010206/.
20. M. Winslett, T. Yu, K. E. Seamons, A. Hess, J. Jacobson, R. Jarvis, B. Smith, and L. Yu, "The TrustBuilder Architecture for Trust Negotiation, " IEEE Internet Computing, volume 6, number 6, November/December 2002, pages 30-37.
21. XML-Signature Syntax and Processing, W3C Recommendation, 12 February 2002, http://www.w3.org/TR/2002/RECxmldsig-core-20020212/.
22. T. Yu, M. Winslett, and K. E. Seamons, "Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation, " ACM Transactions on Information Systems Security, 6(1): 1-42, 2003.
23. T. Ziebermayr and S. Probst, "Web Service Authorization Framework, " Proc. Intl. Conf. on Web Services, June 2004.