Abstract
In this paper, we propose a trust enhanced distributed authorisation architecture (TEDA) that provides a holistic framework for authorisation taking into account the state of a user platform. The model encompasses the notions of 'hard' and 'soft' trust to determine whether a platform can be trusted for authorisation. We first explain the rationale for the overall model and then describe our hybrid model with 'hard' and 'soft' trust components, followed by a description of the system architecture. We then illustrate our implementation of the proposed architecture in the context of authorisation for web services. We discuss the results and demonstrate that such a trust enhanced approach could enable better authorisation decision making, especially in a distributed environment where user platforms are subject to dynamic security threats.
Original language | English |
---|---|
Pages (from-to) | 916-934 |
Number of pages | 19 |
Journal | Journal of Computer and System Sciences |
Volume | 80 |
Issue number | 5 |
Publication status | Published - Aug 2014 |
Event | IEEE International Conference on Dependable, Autonomic and Secure Computing (9th : 2011) - Amsterdam, Netherlands; Duration: 12 Dec 2011 → 14 Dec 2011 |
Keywords
- Distributed authorisation
- Secure web services
- Trust enhanced security
- Trusted platforms