Managing Impacts of Security Protocol Changes in Service-Oriented Applications
ICSE '07 Proceedings of the 29th international conference on Software Engineering
A framework for managing the evolution of business protocols in web services
APCCM '07 Proceedings of the fourth Asia-Pacific conference on Comceptual modelling - Volume 67
A framework for flexible access control in digital library systems
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
An XML-based protocol for improving trust negotiation between Web Services
Proceedings of the 27th Annual ACM Symposium on Applied Computing
| Hi-index | 0.00 |
A scalable approach to trust negotiation is required in digital library (DL) environments that have large and dynamic user populations. In this paper we introduce Trust-Serv, a model-driven trust negotiation framework for Web services, and show how it can be used to effectively handle trust negotiation in DLs. The framework employs a model for trust negotiation based on state machines, extended with security abstractions. High-level specifications expressed with the state-machine-based model are then translated into formats suitable for automating the trust negotiation process. The proposed framework also supports negotiation policy lifecycle management, an important trait in the dynamic environments that characterize DLs. In particular, we present a set of policy change operations that enable the dynamic evolution of negotiation policies without disrupting ongoing negotiations. The proposed approach has been implemented as a container-centric mechanism that is transparent to the DL and to the developers of DL Web services, simplifying DL development and management as well as enabling scalable deployments.