WS-trustworthy: a framework for web services centered trustworthy computing

Zhang, J.; Zhang, L.-J.; Chung, Jen-Yao

doi:10.1109/scc.2004.1358006

Cited by 16 publications

(8 citation statements)

References 5 publications

(4 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These frameworks or languages as well as P3P [16] and WSSecurityPolicy [22] can serve as the foundation of implementing WS-SensFlow -for example, they can be used to support SF-Guard. Finally, WS-Trustworthy [27] provides a more generic framework for trusted computing than WS-SensFlow. For example, the information flow constraint specified by a user can be modeled as a specific property in that framework.…”

Section: Related Workmentioning

confidence: 99%

Guarding Sensitive Information Streams through the Jungle of Composite Web Services

Wei

Singaravelu

2007

IEEE International Conference on Web Services (ICWS 2007)

View full text Add to dashboard Cite

Complex and dynamic web service compositions may introduce unpredictable and unintentional sharing of security-sensitive data (e.g., credit card numbers) as well as unexpected vulnerabilities that cause information leak. This paper describes a fine-grain access policy specification of security-sensitive data items for each component web service. We propose the SFGuard architecture to enforce these access policies at component web services. A prototype implementation of SF-Guard (on Apache Axis2) and its evaluation show that effective protection of security-sensitive information can be achieved at low overhead (a few percent addition to response time) while preserving the functionality of flexible web service composition.

show abstract

Section: Related Workmentioning

confidence: 99%

Guarding Sensitive Information Streams through the Jungle of Composite Web Services

Wei

Singaravelu

2007

IEEE International Conference on Web Services (ICWS 2007)

View full text Add to dashboard Cite

show abstract

“…In [17], authors propose a generic framework to control the trustworthiness of computing in the domain of web services. In [18], authors present some properties of trust establishment in mobile, ad-hoc networks and illustrate how they differ from those of trust establishment in the Internet.…”

Section: Related Workmentioning

confidence: 99%

Architecture of Trustworthy Networks

Peng

Chen

2006

2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing

View full text Add to dashboard Cite

Existing isolated and add-on secure systems are rarely robust under attack, misoperation and internal faults. Secure communication only offers little protection if one ore more components are compromised, and are not sufficient for holistic and systemic security. This paper proposes the concept of trustworthy networks, which makes advances along these traditional researches on network security in combination. We outline the key challenges in constructing trustworthy networks, and define three properties, namely security, survivability and controllability. Consulting human interactions, the abstract architecture for trustworthy networks is proposed, depicting protocols layers, topology structure, entities and components, and protocol steps.

show abstract

“…Users have been used to reusing these services in their own applications. However, as most Web services are delivered by third parties over unreliable Internet and are late bound at run-time instead of design-time, it is reasonable and useful to evaluate and predict the trustworthiness of Web services [9].…”

Section: Introductionmentioning

confidence: 99%

Internet-Based Evaluation and Prediction of Web Services Trustworthiness

Hua

Zhao

et al. 2012

2012 IEEE 36th Annual Computer Software and Applications Conference Workshops

View full text Add to dashboard Cite

As most Web services are delivered by third parties over unreliable Internet and are late bound at run-time, it is reasonable and useful to evaluate and predict the trustworthiness of Web services. In this paper, we propose a novel approach to evaluate and predict Web services trustworthiness using comprehensive trustworthy evidences collected from the Internet. First, we use an effective way to collect comprehensive trustworthy evidences from the Internet, which include both objective evidences (e.g. QoS) and subjective evidences (e.g. reputation). Second, Web services trustworthiness is evaluated with collected trustworthy evidences on a regular basis. Finally, the cumulative evaluation records are modeled as time series, and we propose a multistep Web services trustworthiness prediction process, which can automatically and iteratively identify and optimize the model to fit the trustworthiness series data. Experiments conducted on a large-scale real-world dataset show that our method manages to collect comprehensive trustworthy evidences from the Internet and can effectively evaluate and predict the trustworthiness of Web services, which helps users to reuse Web services.

show abstract

WS-trustworthy: a framework for web services centered trustworthy computing

Cited by 16 publications

References 5 publications

Guarding Sensitive Information Streams through the Jungle of Composite Web Services

Guarding Sensitive Information Streams through the Jungle of Composite Web Services

Architecture of Trustworthy Networks

Internet-Based Evaluation and Prediction of Web Services Trustworthiness

Contact Info

Product

Resources

About