Web Services and SOA provide interoperability and an architectural baseline for flexible and dynamic cross-enterprise collaborations, where the execution and use of the participating services contribute to the common objective. Relationships within these collaborations are complex, with services joining and leaving throughout the life cycle, or the same services being offered in several collaborations simultaneously. This creates strong requirements for federated security, where the integrity and confidentiality of the collaboration must be maintained through membership control, security policy enforcement and separation of web service instance interactions in different collaborations. In this paper we propose a new Web Services (WS) framework for managing and controlling WS interactions in a federated environment, leveraging a platform virtualisation architecture and the functionality provided by trusted secure hardware. The framework allows configuring policies that define collaboration membership and enforce access to the collaboration per WS instance. In addition, since access to the configurations is restricted, it provides a master-slave model in which only an authorised administrative entity can modify any of the above, either at deployment or at execution time. Some of the benefits of the proposed approach are: fine-grained external exposure of WSs, a flexible model for group membership control and revocation, and a hardware-enabled secure virtualised system providing functional process isolation and strong data security.