A Service-Oriented Trust Management Model on Application Server

Author

Minghui Zhou ; Haiyan Zhao ; Hong Mei

Author_Institution

Sch. of Electron. Eng. & Comput. Sci., Peking Univ., Beijing

fYear

2006

fDate

18-22 Sept. 2006

Firstpage

170

Lastpage

177

Abstract

In the service-oriented architecture, the components deployed on application servers are published as Web services. Though many researches focus on how to authorize at the Web service level currently, there is little work involving the authorization gap between the service and its component implementation. This paper tries to bridge the gap by proposing a service-oriented trust management model, which expands the application server´s capability to deal with more complex trust relationship between service users and services, and supplies a flexible trust management mechanism to integrate authentication and authorization together. Moreover, the model provides a finer granularity access control, sustains delegation between users, and has a certain extent reasoning capability. The model has been implemented in a J2EE application server, and the experiment has demonstrated that the model has high flexibility and scalability

Keywords

Web services; authorisation; J2EE application server; Web services; access control; application servers; authentication; authorization; service-oriented trust management; Access control; Application software; Authentication; Authorization; Bridges; Engineering management; Environmental management; Service oriented architecture; Web server; Web services;

fLanguage

English

Publisher

ieee

Conference_Titel

Web Services, 2006. ICWS '06. International Conference on

Conference_Location

Chicago, IL

Print_ISBN

0-7695-2669-1

Type

conf

DOI

10.1109/ICWS.2006.14

Filename

4032025