SecureFlow: a secure Web-enabled workflow management system
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Securing XML Documents with Author-X
IEEE Internet Computing
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
Web Services Platform Architecture: SOAP, WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging and More
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
A Trust-Based Context-Aware Access Control Model for Web-Services
Distributed and Parallel Databases
Trusted Computing Platforms: TCPA Technology in Context
Trusted Computing Platforms: TCPA Technology in Context
SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open Source Software Development Series)
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Modelling, specifying and implementing workflow security in Cyberspace
Journal of Computer Security
A Model-Driven Framework for Trusted Computing Based Systems
EDOC '07 Proceedings of the 11th IEEE International Enterprise Distributed Object Computing Conference
Adaptive Secure Access to Remote Services in Mobile Environments
IEEE Transactions on Services Computing
A Secure Information Flow Architecture for Web Service Platforms
IEEE Transactions on Services Computing
Eclipse: a platform for integrating development tools
IBM Systems Journal
Hi-index | 0.00 |
Service Oriented Architecture SOA is an architectural paradigm that enables dynamic composition of heterogeneous, independent, multi-vendor business services. A prerequisite for such inter-organizational workflows is the establishment of trustworthiness, which is mostly achieved through non-technical measures, such as legislation, and/or social consent that businesses or organizations pledge themselves to adhere. A business process can only be trustworthy if the behavior of all services in it is trustworthy. Trusted Computing Group TCG has defined an open set of specifications for the establishment of trustworthiness through a hardware root-of-trust. This paper has three objectives: firstly, the behavior of individual services in a business process is formally specified. Secondly, to overcome the inherent weaknesses of trust management through software alone, a hardware root of-trust devised by the TCG, is used for the measurement of the behavior of individual services in a business process. Finally, a verification mechanism is detailed through which the trustworthiness of a business process can be verified.