Title :
On the Design of a Trust Enhanced Distributed Authorisation Architecture for Service Oriented Architectures
Author :
Krishna, A. ; Varadharajan, Vijay ; Tarr, Nathan
Author_Institution :
Inf. & Networked Syst. Security Res., Macquarie Univ., Sydney, NSW, Australia
Abstract :
Authorisation systems play a vital role in protecting access to resources in distributed systems. Traditionally, authorisation is performed at the user level to determine whether a user has the necessary privileges to access a requested resource. However, when it comes to the user´s platform, it is often assumed that the system hosting the user and the software running on it are ´trusted´ and that it will behave correctly. In this paper, we propose a comprehensive trust enhanced distributed authorisation architecture that provides a holistic framework for authorisation taking into account the state of a user platform. The model encompasses the notions of ´hard´ and ´soft´ trust to determine whether a platform can be trusted for authorisation. We first explain the rationale for the overall model and then describe our hybrid model with ´hard´ and ´soft´ trust components, followed by a description of the system architecture. We then illustrate proposed architecture in the context of a simple scenario involving a social networking system.
Keywords :
authorisation; distributed processing; service-oriented architecture; distributed systems; hard trust components; service oriented architectures; social networking system; soft trust components; trust enhanced distributed authorisation architecture design; user level platform; Authentication; Authorization; Computer architecture; Mechanical factors; Software;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on
Conference_Location :
Melbourne, VIC
DOI :
10.1109/TrustCom.2013.246
