Improving Access Control for Mobile Consumers of Services by Use of Context and Trust within the Call-Stack

  • Min Luo
  • Ralph Deters
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7138)


Access control is a key issue in the deployment of systems within corporations. To comply with legal and business requirements and to prevent unauthorized access, the identification and authentication of all users is required. This is typically achieved by using an access control system that performs the identification & authentication of each user at the point of entry into the system. However, as the systems evolve and thus become more complex it is difficult to ensure reliable access control, especially if they are accessed via mobile devices. This paper focuses on improving the existing access control approach for service-oriented systems by applying the concept of device comfort to service providers. Similar to the concept of device comfort, service providers are empowered to decide if they feel comfortable with requests sent to them. This paper presents and evaluates the idea of integrating trust evaluations into service-oriented systems by requiring each service provider to evaluate the trustworthiness of requests and to share their evaluations as part of the call-context within the call-stack.


Trust Web Services Distributed Trust Management Mobile Clients Call-Stack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Portio Research: “Portio Research Mobile Factbook 2009”, 37 pages (2009)Google Scholar
  2. 2.
    Yates, S.: Forester: Worldwide PC Adoption Forecast, 2007 To 2015, It’s Time To Focus On Emerging Markets For Future Growth, 21 pages (June 11, 2007) Google Scholar
  3. 3.
    Milanesi, C., et al.: ”Gartner: Competitive Landscape: Mobile Devices, Worldwide, 2009”, 11 pages (August 11, 2009) Google Scholar
  4. 4.
    Beccue, M.: ABI-Research Report RR-MCC: “Mobile Cloud Computing”, 64 pages (2009)Google Scholar
  5. 5.
    Schulte, R., Natis, Y.: Service Oriented Architecture, Gartner (April 12, 1996)Google Scholar
  6. 6.
  7. 7.
    Chatarji, J.: Introduction to Service Oriented Architecture, SOA, 5 pages (2004),
  8. 8.
    Marsh, S., Briggs, P.: Defining and investigating Device comfort. In: IFIPTM 2010, pp. 17–24 (2010)Google Scholar
  9. 9.
    Wang, Y., Vassileva, J.: Toward Trust and Reputation Based Web Service Selection: A Survey. International Transactions on Systems Science and Applications 3(2), 118–132 (2007); (invited paper in the special Issue on New tendencies on Web Services and Multi-agent Systems (WS-MAS))Google Scholar
  10. 10.
    Maximilien, E., Singh, M.: Toward autonomic web services trust and selection. In: ICSOC 2004, pp. 212–221 (2004)Google Scholar
  11. 11.
    CAS, Scholar
  12. 12.
    Fielding, R.: Architectural Styles and the Design of Network-based Software Architectures, Dissertation University of Irvine (2000),

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Min Luo
    • 1
  • Ralph Deters
    • 1
  1. 1.Department of Computer ScienceUniversity of SaskatchewanSaskatoonCanada

Personalised recommendations