Trust enhanced distributed authorisation for web services

Aarthi Nagarajan, Vijay Varadharajan*, Nathan Tarr

*Corresponding author for this work

Research output: Contribution to journalConference paper

2 Citations (Scopus)

Abstract

In this paper, we propose a trust enhanced distributed authorisation architecture (TEDA) that provides a holistic framework for authorisation taking into account the state of a user platform. The model encompasses the notions of 'hard' and 'soft' trust to determine whether a platform can be trusted for authorisation. We first explain the rationale for the overall model and then describe our hybrid model with 'hard' and 'soft' trust components, followed by a description of the system architecture. We then illustrate our implementation of the proposed architecture in the context of authorisation for web services. We discuss the results and demonstrate that such a trust enhanced approach could enable better authorisation decision making, especially in a distributed environment where user platforms are subject to dynamic security threats.

Original languageEnglish
Pages (from-to)916-934
Number of pages19
JournalJournal of Computer and System Sciences
Volume80
Issue number5
DOIs
Publication statusPublished - Aug 2014
EventIEEE International Conference on Dependable, Autonomic and Secure Computing (9th : 2011) - Amsterdam, Netherlands
Duration: 12 Dec 201114 Dec 2011

Keywords

  • Distributed authorisation
  • Secure web services
  • Trust enhanced security
  • Trusted platforms

Fingerprint Dive into the research topics of 'Trust enhanced distributed authorisation for web services'. Together they form a unique fingerprint.

Cite this