A Trust Model for Web Services: Ph.D. Dissertation Progress Report

Provided by: cse7
Learn more at: http://www.cse.fau.edu
Transcript and Presenter's Notes

1
A Trust Model for Web Services
Ph.D. Dissertation Progress Report
Candidate: Nelly A. Delessy
Advisor: Dr. E.B. Fernandez
Department of Computer Science and Engineering
Florida Atlantic University, Boca Raton, FL
2
Introduction
  • Dissertation's goal: to develop a unified trust
    model for web services
  • Will indicate how it can be interfaced to
    existing access control models for web services
  • Will include trust management through trust
    policies, and dynamic aspects such as trust
    negotiation
  • Using UML and/or some mathematical formalism

3
Dissertation Progress
  • What has been done: existing Web services access
    control models
      • Patterns for XACML and the application firewall
        (last semesters)
      • Patterns for the WS- family: WS-Security and
        WS-Policy
      • Methodology to compare standards, included in the
        paper "Using patterns to compare web services
        security products and standards"
  • This semester
      • Inclusion of wireless aspects
  • Future work
      • Develop the trust model itself

4
Dissertation Progress
  • Future work
      • Description of the interface between the trust model
        and the access control model for web services
        (Spring 2006 Summer 2006)

5
Dissertation Progress
  • Future work
      • Define the static elements of the trust model
        formally (Fall 2006)
      • Develop the dynamic aspects of the trust model
        (Fall 2006)
      • Identify patterns from the model (Fall 2006)
      • Publish a journal paper from one of these steps

6
Wireless Web Services Architectures
7
Introduction
  • Web services are becoming important for user
    access to services that depend on location, and
    they are appearing in mobile devices.
  • The concept of dynamic access to web services,
    allied with the flexibility of wireless access,
    makes it possible to envisage a new type of
    application, where the mobility of the user
    supplies the application with context elements.
  • Examples: disaster management, location services,
    advertising (service discovery), etc.

8
Architectures
  • Gateway architecture
      • Used when portable devices are limited in memory
        and computational power,
      • and/or when the bandwidth and reliability of the
        wireless connection are limited.
      • An example of this compressed format: WML
        (equivalent of HTML in the WAP stack, available
        in many phones). For basic scenarios such as
        the push of information, the gateway can
        transform SOAP messages into SMS or voice.

9
Architectures
  • Direct consumer architecture
      • Portable devices must have built-in
        implementations of the web services technologies
        (high-end market segment, now), e.g. smart phones,
        PDAs, and laptops.
      • Hardware and operating system security is an
        important issue in this configuration.
      • The device, which is now a consumer of web
        services, can run client applications from
        different providers, so a strong level of security
        is needed, including some type of authorization
        system, such as a subset of XACML or WS-

10
Architectures
  • Use of mobile agents
      • This approach is suggested in [Bel03b].
      • Proxies act on behalf of a client.
      • Rationale: using a web service can imply multiple
        passes between client, server and third parties
        (for security purposes, for example), while the
        wireless link is not reliable and the bandwidth
        can be limited.

11
Architectures
  • Direct consumer architecture
  • The mobile device is a WS Provider
  • E.g. to expose the user's calendar or profile
  • Liberty PAOS (Reverse HTTP Binding for SOAP)
    enables the creation of personalized services
  • Privacy issues

12
Pattern diagram for wireless web services security patterns
13
Class diagram for Access Control List (ACL)
14
Class diagram for Capability
15
Class diagram for SAML
16
Class diagram for the Liberty Alliance Identity Federation
17
Sequence Diagram for Single Sign On
18
OMA OWSER
  • OMA: Open Mobile Alliance
  • OWSER: OMA Web Services Enabler
  • Addresses:
      • Transport security
      • SOAP message security
      • But not application security
  • Are working on providing profiling standards,
    such as Liberty Alliance, OCSP, WSDL wireless
    web services

19
OMA OWSER
  • To provide identity-based Web Services
  • They propose to use Liberty Alliance specs
  • Circle of Trust

20
The Web Services "stack" described by the OWSER