Title :
An Enforcement Architecture for Security and Trust Policies in Federated Web-Service-Based Systems
Author :
Wu, Zhengping ; Wang, Lifeng
Author_Institution :
Dept. of Comput. Sci. & Eng., Univ. of Bridgeport, Bridgeport, CT, USA
Abstract :
In policy-based management, the gap between policy definition and enforcement mechanisms needs an architectural innovation to fill. Policy-based trust management has this gap too. Enforcement of policies for federation activities, especially trust policies among Web-service-based systems, requires a dynamic and flexible architecture to accommodate different trust models and different domains. Meanwhile, the choice of high-level policy languages cannot have an exact match to low-level enforcement mechanisms in network services or operating systems. An intermediate-level semantic translation architecture is proposed in this paper to bridge the gap between high-level policy languages used directly by humans and low-level mechanisms offered by machines. The merits of this architecture include: users can choose their high-level policy languages with the most usability they want; the system administrator can introduce a new core mathematical or logical model when it is more appropriate for system controls; the semantic translation in the intermediate-level is flexible.
Keywords :
Web services; programming language semantics; security of data; federated Web-service-based system; high-level policy language; intermediate-level semantic translation architecture; policy-based trust management; security enforcement architecture; Authentication; Bridges; Collaboration; Computer architecture; Computer science; Computer security; Environmental management; Humans; Information security; Medical services; policy enforcement; security; trust; web service;
Conference_Titel :
Computer Software and Applications Conference, 2009. COMPSAC '09. 33rd Annual IEEE International
Conference_Location :
Seattle, WA
Print_ISBN :
978-0-7695-3726-9
DOI :
10.1109/COMPSAC.2009.155
