Through web service technology, distributed applications can be built in a flexible manner, bringing tremendous power to applications on the web. However, this flexibility poses significant challenges to security. In particular, an end user (be it human or machine) may access a web service directly, or through a number of intermediaries, while these intermediaries may be formed on the fly for a particular task. Traditional access control for distributed systems is not flexible and efficient enough in such an environment. Indeed, it may be impossible for a web service to anticipate all possible access patterns, hence to define an appropriate access control list beforehand. Novel solutions are needed.

This paper introduces a trust-but-verify framework for web services authorization, and provides an implementation example. In the trust-but-verify framework, each web service maintains authorization policies. In addition, there is a global set of "trust transformation" rules, each of which has an associated transformation condition. These trust transformation rules convert complicated access patterns into simpler ones, and the transformation is done by a requester (the original requester or an intermediary) with the assumption that the requester can be trusted to correctly omit certain details. To verify authorization, the requester is required to document evidence that the associated transformation conditions are satisfied. Such evidence and support information can either be checked before access is granted, or can be verified after the fact in an offline mode, possibly by an independent third party.