Abstract
Today, organisations that seek a competitive advantage are adopting virtual infrastructures that share and manage computing resources. The trend is toward implementing collaborating applications supported by web services technology. In order to enable secure interoperation between participants of these environments, trust is an important requirement to address. Current solutions to trust between web components are limited, as they are usually established via cryptographic mechanisms, in the presence of trusted third parties. To accommodate the dynamic and fluid nature of web services environments, a framework for trust assessment and computation is presented. The trust framework is characterised by information and reasoning. It has mechanisms that allow web services entities to manage trust autonomously, by activating a trust level and trust types by means of a rule-based fuzzy cognitive map.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Axelrod, R., Framework for a General Theory of Cognition. Berkeley: Institute of International Studies, (1972).
Abdul-Rahman A., A framework for desentralised trust reasoning, PHD thesis. Department of Computer Science, University of London, (2004).
Barber B., Logic and Limits of Trust. New Jersey: Rutgers University Press, (1983).
Blaze M., Feigenbaum J., Ioannidis J., & Keromytis A., “The KeyNote Trust-management System, version 2,” IETF, RFC 2704, September, (1999).
Box D., Ehnebuske D., Kakivaya G., Layman A., Mendelsohn N., Nielsen H.F, Thatte S. & Winer D., (2000), Simple Object Access Protocol (SOAP) 1.1, http://www.w3.org/TR/SOAP/, May (2000).
Box D., Web Services Policy Framework (WS-Policy), http://www.ibm.com/developerworks/library/ws-policy/index.html, (2003).
Castelfranchi C, Falcone R., Pezzulo G., A Fuzzy Approach to a Belief-Based Trust Computation., in Trust, reputation and security theory and practice, Bologna, Italy, July, Lecture notes in Computer Science, Vol 2631, (2002).
Chervany N.L. & Mgknight D.H., The meanings of trust. Technical Report 94-04, Carlson School of Management, University of Minnesota, (1996).
Coetzee M. & Eloff JHP, Autonomous trust for Web Services, INC 2005 (The 5th International Network Conference), 5–7 July, Samos, Greece, (2005) Also available at http://csweb.rau.ac.za/stafT/marijke/marijke_coetzee.htm.
Coyle F.P., XML, Web services and the data revolution, Addison-Wesley, (2002).
Dan A., Davis D., Kearney R., King R., Keller A., Kuebler D., Ludwig H., Polan, M. Spreitzer, and Youssef A., Web Services on demand: WSLA-driven Automated M. Management, IBM Systems Journal, Special Issue on Utility Computing, Volume 43, Number 1, pages 136–158, IBM Corporation, March, (2004).
Della-Libera G. et al., Web Services Trust Language (WS-Trust), http://www.ibm.com/developerworks/library/wstrust/index.html, (2003).
Deutsch M., Cooperation and Trust: Some theoretical notes, in Nebraska Symposium on Motivation, M.R. Jones (ed.) Nebraska University Press, (1962).
Eloff J.H.P. & Smith E., Cognitive fuzzy modeling for enhanced risk assessment in a health care institution, IEEE Intelligent systems and their applications, Vol 14, no 2, pp 2–8, (2000).
Gambetta D., Can we trust Trust?, Chapter 13, pp. 213–237. Basil Blackwell. Reprinted in electronic edition from Department of Sociology, University of Oxford (1988).
Grandison T.W.A., Trust Management for Internet Applications, PhD Thesis, Imperial College of Science, Technology and Medicine, University of London, Department of Computing, (2003).
Kosko B., Fuzzy Cognitive Maps, International Journal of Man-Machine Studies, Vol 24, pp 65–75, (1986).
Kosko B., Fuzzy Engineering, Prentice Hall, Upper Saddle River, New Jersey, (1997).
Luhman N., Trust and Power. Wiley, (1979).
Marsh S., Formalising Trust as a Computational Concept, PhD Thesis, University of Stirling, UK, (1994).
Newcomer E. Understanding Web Services, Addison-Wesley, USA. (2002).
Ratnasingam P.P., Interorganizational trust in Business to Business e-commerce, PhD thesis, Erasmus University Rotterdam, (2001).
Rivest R. & Lampson B., “SDSI-A Simple Distributed Security Infrastructure,” October (1996).
Winslett M. An Introduction to Trust Negotiation. Nixon & Terzis (eds), In Proceedings of the First International Conference, iTrust Heraklion, Crete, Greece, May 28–30, Springer. (2002).
SECURE, Bacon J., Belokosztolszki A., Dimmock N., Eyers D., Moody K., Using Trust and Risk in Role-Based Access Control Policies, Proceedings of Symposium on Access Control Models and Technologies SACMAT04, (2004).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 International Federation for Information Processing
About this paper
Cite this paper
Coetzee, M., Eloff, J. (2006). A Framework for Web Services Trust. In: Fischer-Hübner, S., Rannenberg, K., Yngström, L., Lindskog, S. (eds) Security and Privacy in Dynamic Environments. SEC 2006. IFIP International Federation for Information Processing, vol 201. Springer, Boston, MA. https://doi.org/10.1007/0-387-33406-8_7
Download citation
DOI: https://doi.org/10.1007/0-387-33406-8_7
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-33405-9
Online ISBN: 978-0-387-33406-6
eBook Packages: Computer ScienceComputer Science (R0)