Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Bandera: extracting finite-state models from Java source code
Proceedings of the 22nd international conference on Software engineering
ACM Transactions on Information and System Security (TISSEC)
Communications of the ACM
Symbolic execution and program testing
Communications of the ACM
The SLAM project: debugging system software via static analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Introduction: Service-oriented computing
Communications of the ACM - Service-oriented computing
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
WS-Attestation: Efficient and Fine-Grained Remote Attestation on Web Services
ICWS '05 Proceedings of the IEEE International Conference on Web Services
A Framework for Building Privacy-Conscious Composite Web Services
ICWS '06 Proceedings of the IEEE International Conference on Web Services
A static type system for JVM access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Bytecode Verification for Enhanced JVM Access Control
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
Tisa: Toward Trustworthy Services in a Service-Oriented Architecture
IEEE Transactions on Services Computing
Access control policy combining: theory meets practice
Proceedings of the 14th ACM symposium on Access control models and technologies
Bootstrapping Trust in Commodity Computers
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
A service is rigorously trusted if it can provide firm evidences to its users about its behavior. The evidences ensure that the service really follows its claimed behavior to process the requests and sensitive input data from users. In this paper, we propose a framework, which can attest the behavior of web services according to the trust policies specified by users. Different users may concern different aspects of service behavior. By using policies, this framework allows user-specific behavior attestation. In addition, this framework also protects service providers. When a user sends a service request, the framework needs the user to show that he has agreed on the service behavior. A case study is used to describe the critical processing steps of the framework to deliver rigorously trusted services.