Interactive Credential Negotiation for Stateful Business Processes
نویسندگان
چکیده
Business Processes for Web Services are the new paradigm for lightweight enterprise integration. They cross organizational boundaries, are provided by entities that see each other just as business partners, and require access control mechanisms based on trust management. Stateful Business Processes, enforcing separation of duties or service limitations based on past or current usage, pose additional research challenges. Clients, which may not know the right set of credentials to supply to each partner, may end up in dead-ends and servers should help them find out what must be revoked and what missing is that grant access to a particular resource. We propose a logical framework and an interactive algorithm based on negotiation of credentials for access control that works for Stateful Business Processes. We show that our algorithm is sound (no grant is given to unauthorized clients), complete (authorized clients get grant) and resistant against DoS attempt.
منابع مشابه
Digital Credentials and Authorization to Enhance Trust in Negotiation within E-Services
digital credential, trust, negotiation, E-Services marketplaces, authorization, E-Services In the present economy, business-to-business (B2B) relationships are usually long-termed and characterised by a high degree of mutual pre-existing trust. With the advent of the Internet economy, E-Services marketplaces will provide an infrastructure where B2B relationships will be set up in a highly dynam...
متن کاملAutomated Trust Negotiation in Autonomic Environments
Autonomic computing environments rely on devices that are able to make intelligent decisions without human supervision. Automated Trust Negotiation supports the cooperation of devices with no prior trust relationship. They can reach an agreement by iteratively exchanging credentials during a negotiation process. These credentials can serve as authorization tokens or may carry information that b...
متن کاملInteractive Access Control for Web Services
Business Processes for Web Services (BPEL4WS) are the new paradigms for lightweight enterprise integration. They cross organizational boundaries and are provided by entities that see each other just as business partners. Web services require shift in the access control mechanism: from identity-based access control to trust management and negotiation, but this is not enough for cross organizatio...
متن کاملTowards Practical Automated Trust Negotiation
Exchange of attribute credentials is a means to establish mutual trust between strangers that wish to share resources or conduct business transactions. Automated Trust Negotiation (ATN) is an approach to regulate the exchange of sensitive credentials by using access control policies. Existing ATN work makes unrealistic simplifying assumptions about credential-representation languages and creden...
متن کاملAn Access Control System for Business Processes for Web Services
Web Services and Business Processes for Web Services are the new paradigms for the lightweight integration of business from different enterprises. Whereas the security and access control policies for basic web services and distributed systems are well studied and almost standardized, there is not yet a comprehensive proposal for an access control architecture for business processes. The major d...
متن کامل