A Service Oriented Trust Development Platform

  • Helena Rifà
  • Francisco Jordan


A Trust Development Platform that offers services for the generation and interpretation of trust based on the concept of ecosystem’s federation is presented. Trust federation schemes allow to define bonds of confidence between systems managed under different domains and policies. Each ecosystem has a trusted service provider that will automatically deliver services for the local domain following its own security policies. Ecosystem’s federation leads us to the federation of trusted services providers and therefore, to the development of federated trust systems. Unlike solutions based on global trust policies, the proposed architecture is easy to deploy and use, and conforms to the requirements for each environment. Moreover, an ecosystem’s federation is also feasible because a common language is shared, XML, and a plethora of related standards are based on it. SOA and Web Services are intimately related to federation, so trust development is now something almost tangible.


Security Policy Service Orient Architecture Trust Management Trust Level Trust Development 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [ACPZO1]
    Adams, C., Cain, P., Pinkas, D., Zuccherato, R.: Internet X.509 Public Key Infrastructure Time Stamp Protocols, IETF RFC-3 161, August 2001.Google Scholar
  2. [AdFa99l.
    Adams, C., Farrell, S.: Internet X.509 Public Key Infrastructure Certificate Mangement Protocols, IETF RFC-2510. March 1999.Google Scholar
  3. [BlanO6]
    Blanchard, D. (Cybertrust): I-CIDM Bridge to Bridge Interoperations. 5th Annual PM R&D Workshop “Making PM Easy to Use”. April 2006. http://middleware.internet2.edulpkiO6/proceedings/blanchard-bridge-bbwg.ppt
  4. [CommO6]
    Commission of the European Communities: Report on the operation of Directive 1999/93/EC on a Community framework for electronic signatures. In: Report from the Commission to the European Parliament and the Council. Brussels, March 15, 2006.Google Scholar
  5. [FHM+06]
    Freeman, T., Housley, R., Malpani, A., Cooper, D., Polk, T.: Server-based Certificate Validation Protocol (SCVP). IETF RFC Internet Draft. June 2006.Google Scholar
  6. [GoAcO6]
    US Government: E-Authentication Secure Government Access. http://www.cio.gov/eauthentication/
  7. [GoFBO6]
    US Government: Federal Bridge Certification Authority (FBCA). http://www.cio.gov/fbcal
  8. [HFPS99]
    Housley, R., Ford, W., Polk, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and CRL Profile, IETF RFC-2459. January 1999.Google Scholar
  9. [LMMPO5] Lioy, A., Marian, M., Moltchanova, N., Pala, M.: PKI past, present and future. Springer-Verlang 2005.Google Scholar
  10. [MAA+99]
    Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP. IETF RFC-2560, June 1999.Google Scholar
  11. [MLB+06]
    Matthew, C., Laskey, K., McCabe, F., Brown, P., Metz, R.: Reference Model for Service Oriented Architecture 1.0, OASIS Technical Committee Specification, July 2006.Google Scholar
  12. [OlneO6]
    Olnes, Jon (DNV Research): PKI Interoperability by an Independent, Trusted Validation Authority. In: Proceedings of 5th Annual PM R&D Workshop “Making PM Easy to Use”. April 2006.Google Scholar
  13. [SafeO4]
    TrustedX White Paper. Safelayer Secure Communications S.A., 2004-2006. http://www.trustedwebservices.org
  14. [YCB+04]
    Yergeau, F., Cowan, J., Bray, T., Paoli, J., Sperberg-McQueen, C.;., Maler, E.: Extensible Markup Language (XML) 1.1. W3C Recommendation, April 2004. http://www.w3.orgITR/2004IREC-xml/1-20040204/

Copyright information

© Friedr. Vieweg & Sohn Verlag | GWV-Fachverlage GmbH, Wiesbaden 2006

Authors and Affiliations

  • Helena Rifà
  • Francisco Jordan

There are no affiliations available

Personalised recommendations