CCS

We describe the implementation of role-based access control in a data service integration system. Users in research or other projects may access a diverse collection of data sources but are to allowed access to only the part of the data collection that ...

Nowadays many organizations use security policies to control access to sensitive resources. Moreover, exchanging or sharing services and resources is essential for these organizations to achieve their business objectives. Since the eXtensible Access ...

In this paper, we present an efficient, novel framework for establishing, assessing, and managing trust in inter-organizational relationships, in terms of allowable network sharing, that is based on analyzing an invariance property of a computer network ...

In this paper, we propose a modular and fully decentralized protocol to orchestrate fair exchanges between mutually distrustful yet collaborating web services. Our motivation roots in the observation that fair exchange is a key problem in settings where ...

The promise ofWeb Service Computing is to utilizeWeb services as fundamental elements for realizing distributed applications/solutions. In particular, when no available service can satisfy client request, (parts of) available services can be composed ...

Current regulatory requirements in the U.S. and other countries make it increasingly important for Web Services to be able to enforce and verify their compliance with privacy policies. Structured policy languages can play a major role by supporting ...

Exchanging multimedia objects between wide ranges of distributed applications, web services, and end-users is rapidly increasing in several application domains (medicine, surveillance, e-learning, etc.). In confidential applications, one of the emergent ...

A major obstacle on the way to the successful deployment and operation of Web services on a larger scale is a lack of sophisticated semantics model to represent and communicate the data. To solve the problem, semantics-aware Web services have been ...

SOAP message exchange is one of the core services required for system integration in Service Oriented Architecture (SOA) environments. One key concern in a SOA is thus to provide Message Level Security (as opposed to point to point security). We observe ...

WebMail proposes to migrate existing SMTP-based mail systems to Web-Services. We show how a verifiably-correct, generic mail service that enables extensions of SMTP-based standard mail use cases that avoids known misuse cases can be specified using WSDL ...

Single sign-on is critical for the usability of distributed systems. While there are several authentication mechanisms which support single sign-on (e.g. Kerberos and X.509), it may be difficult to modify a particular legacy application to utilize an ...

In this paper we propose a security architecture for Virtual Organizations for businesses. The Virtual Organizations we consider are based on web servicetechnology, and are dynamic, i.e. their membership may change frequently throughout its lifetime. ...

This article introduces a framework for authentication and authorization in e-health services. It aims to build the architecture for authentication and authorization within an e-health service system. The architecture will help to build a secure and ...

Given an open cascading Web services environment, this paper deals with the following problems: 1) how to compute trust index of a service provider or a service requestor, which is dynamic and is continuously updated to reflect service providers'/...

Protecting personal privacy information is an inherently difficult problem. Privacy enhancing agents are software agents that help web users to protect their private information by collecting web site P3P [1] information and exchanging knowledge of web ...