A trust negotiation based security framework for service provisioning in load-balancing clusters

Computers and Security

Volumn 31, Issue 1, 2012, Pages 4-25

  Maña, Antonio ^a   Koshutanski, Hristo ^a   Pérez, Ernesto J ^a  

^a UNIVERSITY OF MÁLAGA   (Spain)

Author keywords

Access control; Load balancing cluster; Security evaluation; Security proxy; Trust negotiation; Web services security

Indexed keywords

LOAD-BALANCING; SECURITY EVALUATION; SECURITY PROXY; TRUST NEGOTIATIONS; WEB SERVICES SECURITY;

ACCESS CONTROL; CLUSTER COMPUTING;

WEB SERVICES;

EID: 84855998039     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2011.11.006     Document Type: Conference Paper

References (37)

1. D. Barbará, J. Couto, S. Jajodia, L. Popyack, and N. Wu ADAM: detecting intrusions by data mining Proceedings of the IEEE workshop on information assurance and security 2001 11 16
2. E. Bertino, E. Ferrari, and A.C. Squicciarini Trust-X: a peer-to-peer framework for trust establishment IEEE Transactions on Knowledge and Data Engineering 16 7 2004 827 842
3. P.A. Bonatti, and D. Olmedilla Driving and monitoring provisional trust negotiation with metapolicies Proceedings of the 6th IEEE workshop on policies for distributed systems and networks (POLICY-05) 2005 IEEE Computer Society 14 23 (Pubitemid 43861244)
4. P. Bouquet, H. Stoermer, and B. Bazzanella An entity name system (ENS) for the semantic web Proceedings of the semantic web: research and applications (ESWC2008) vol. 5021/2008 2008 LNCS, Springer Berlin/Heidelberg 258 272
5. P. Bouquet, H. Stoermer, C. Niederee, and A. Maña Entity name system: the backbone of an open and scalable web of data Proceedings of the IEEE international conference on semantic computing, (ICSC 2008) 2008 IEEE Computer Society 554 561
6. Ó Cánovas, M. Sánchez, G. López, R. del Campo, S. Neinert, and J. Rauschenbach Architecture for unified SSO, deliverable DJ5.3.2 May 2008 Available at: http://www.geant2.net/alice/upload/pdf/GN2-08- 080v2-DJ5-3-2-Architecture-for-Unified-SSO.pdf
7. D.W. Chadwick, and A. Otenko The PERMIS X.509 role-based privilege management infrastructure Seventh ACM symposium on access control models and technologies 2002 ACM Press 135 140
8. H. Christiansen, and V. Dahl HYPROLOG: a new logic programming language with assumptions and abduction Proceedings of the 21st international conference on logic programming (ICLP 2005) vol. 3668 2005 LNCS, Springer 159 173 (Pubitemid 41491600)
9. I. Constandache, D. Olmedilla, and F. Siebenlist Policy-driven negotiation for authorization in the grid Proceedings of 8th IEEE international workshop on policies for distributed systems and networks (POLICY '07) 2007 IEEE Computer Society 211 220 (Pubitemid 47469564)
10. H. Koshutanski, and A. Maña A semantic approach to access control and automated credential negotiation for decentralized online repositories/an OKKAM project use case Proceedings of the 5th workshop on semantic web applications and perspectives (SWAP2008) 2008 CEUR Workshop Proceedings Rome, Italy ISSN 1613-0073
11. H. Koshutanski, and F. Massacci A negotiation scheme for access rights establishment in autonomic communication Journal of Network and System Management 15 1 2007
12. H. Koshutanski, and F. Massacci Interactive access control for autonomic systems: from theory to implementation ACM Transactions on Autonomous and Adaptive Systems (TAAS) 3 3 2008
13. H. Koshutanski, A. Lazouski, F. Martinelli, and P. Mori Enhancing grid security by fine-grained behavioral control and negotiation-based authorization International Journal of Information Security 8 4 2009 291 314
14. A.J. Lee, M. Winslett, J. Basney, and V. Welch The traust authorization service ACM Transactions on Information and System Security (TISSEC) 11 1 2008 1 33
15. J. Lee, M. Winslett, and K.J. Perano TrustBuilder2: a reconfigurable framework for trust negotiation Proceedings of the 3rd IFIP WG 11.11 international conference on trust management 2009 Springer
16. U. Lindqvist, and P. Porras Detecting computer and network misuse through the production-based expert system toolset (P-BEST) Proceedings of the IEEE symposium on security and privacy 1999 146 161
17. T.F. Lunt A survey of intrusion detection techniques Computers and Security 12 4 1993 405 418
18. Z. Miklós, N. Bonvin, P. Bouquet, M. Catasta, D. Cordioli, and P. Fankhauser From web data to entities and back Proceedings of the 22nd international conference on advanced information systems engineering (CAiSE'10) 2010 LNCS, Springer
19. W. Nejdl, D. Olmedilla, and M. Winslett PeerTrust: automated trust negotiation for peers on the semantic web VLDB workshop on secure data management (SDM) vol. 3178 2004 Lecture Notes in Computer Science, Springer 118 132
20. OKKAM Project Consortium Integration prototype OKKAM infrastructure V2, project deliverable document D5.4 2009 Available at: http://www.okkam.org/ deliverables
21. OKKAM Project Consortium Integration prototype OKKAM infrastructure V3, project deliverable document D5.6 July 2010 Available at: http://www.okkam.org/ deliverables
22. OKKAM Project Consortium OKKAM in numbers V4, OKKAM project deliverable document D12.7 September 2010 Available at: http://www.okkam.org/deliverables
23. SAML Security assertion markup language (SAML) 2005 http://saml.xml.org/ saml-specifications
24. K. Seamons, and W. Winsborough Automated trust negotiation 2002 US Patent and Trademark Office IBM Corporation, patent application filed March 7, 2000
25. K. Seamons, M. Winslett, and T. Yu Limiting the disclosure of access control policies during automated trust negotiation Proceedings of the network and distributed system security symposium 2001
26. A. Squicciarini, E. Bertino, E. Ferrari, F. Paci, and B. Thuraisingham PP-trust-X: a system for privacy preserving trust negotiations ACM Transactions on Information and System Security 10 3 2007 12
27. M. Thompson, W. Johnston, S. Mudumbai, G. Hoo, K. Jackson, and A. Essiari Certificate-based access control for widely distributed resources Proceedings of eighth USENIX security symposium (Security'99) 1999 215 228
28. W. Winsborough, K. Seamons, and V. Jones Automated trust negotiation) Proceedings of DARPA information survivability conference and exposition (DISCEX vol. 1 2000 IEEE Press 88 102
29. M. Winslett, T. Yu, K. Seamons, A. Hess, J. Jacobson, and R. Jarvis Negotiating trust in the web IEEE Internet Computing 6 6 2002 30 37
30. M. Winslett An introduction to trust negotiation First international conference on trust management (iTrust'03) vol. 2692 2003 LNCS, Springer 275 283
31. T.Y.C. Woo, and S.S. Lam A framework for distributed authorization Proceedings of the 1st ACM conference on computer and communications security 1993 112 118
32. X.509 The directory: public-key and attribute certificate frameworks, ITU-T Recommendation X.509:2005 ISO/IEC 9594-8:2005 2005
33. M. Yagüe, A. Maña, and J. López A metadata-based access control model for web services Internet Research 15 1 2005 99 116 (Pubitemid 40687455)
34. M. Yagüe, M. Gallardo, and A. Maña Semantic access control model: a formal specification Proceedings of the 10th European symposium on research in computer security (ESORICS'05) 2005 Springer 24 43
35. T. Yu, X. Ma, and M. Winslett Prunes: an efficient and complete strategy for automated trust negotiation over the internet Proceedings of the 7th ACM conference on computer and communications security (CCS '00) 2000 ACM 210 219 (Pubitemid 32393920)
36. T. Yu, M. Winslett, and K.E. Seamons Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation ACM Transactions on Information and System Security (TISSEC) 6 1 2003 1 42
37. M. Zurko, R. Simon, and T. Sanfilippo A user-centered, modular authorization service built on an RBAC foundation Proceedings of the IEEE symposium on security and privacy 1999 IEEE Press 57 71