Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
WSACT : a model for Web Services access control incorporating trust
Thesis (PhD (Computer Science))--University of Pretoria, 2008.
Saved in:
| Other Authors: | |
|---|---|
| Format: | Thesis |
| Published: |
University of Pretoria
2013
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613722015432704 |
|---|---|
| access_status_str | Open Access |
| author2 | Eloff, Jan H.P. |
| author_browse | Eloff, Jan H.P. |
| author_facet | Eloff, Jan H.P. |
| collection | Thesis |
| dc_rights_str_mv | © University of Pretoria 20 |
| description | Thesis (PhD (Computer Science))--University of Pretoria, 2008. |
| format | Thesis |
| id | oai:repository.up.ac.za:2263/26173 |
| institution | University of Pretoria (South Africa) |
| last_indexed | 2026-06-10T12:40:39.540Z |
| license_str | Other — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from UPSpace — University of Pretoria Institutional Repository |
| publishDate | 2013 |
| publishDateRange | 2013 |
| publishDateSort | 2013 |
| publisher | University of Pretoria |
| publisherStr | University of Pretoria |
| record_format | dspace |
| source_str | UPSpace — University of Pretoria Institutional Repository |
| spelling | oai:repository.up.ac.za:2263/26173 WSACT : a model for Web Services access control incorporating trust Eloff, Jan H.P. mco@rau.ac.za Coetzee, Marijke Virtual infrastructures Security domains Computing resources UCTD Thesis (PhD (Computer Science))--University of Pretoria, 2008. Today, organisations that seek a competitive advantage are adopting virtual infrastructures that share and manage computing resources. The trend is towards implementing collaborating applications that are supported by web services technology. Even though web services technology is rapidly becoming a fundamental development paradigm, adequate security constitutes the main concern and obstacle to its adoption as an industry solution. An important issue to address is the development of suitable access control models that are able to not only restrict access to unauthorised users, but also to discriminate between users that originate from different collaborating parties. In web services environments, access control is required to cross the borders of security domains, in order to be implemented between heterogeneous systems. Traditional access control systems that are identity-based do not provide a solution, as web services providers have to deal with unknown users, manage a large user population, collaborate with others and at the same time be autonomous of nature. Previous research has pointed towards the adoption of attribute-based access control as a means to address some of these problems. This approach is still not adequate, as the trustworthiness of web services requestors cannot be determined. Trust in web services requestors is thus an important requirement to address. For this reason, the thesis investigated trust, as to promote the inclusion of trust in the web services access control model. A cognitive approach to trust computation was followed that addressed uncertain and imprecise information by means of fuzzy logic techniques. A web services trust formation framework was defined that aims to populate trust concepts by means of automated, machine-based trust assessments. The structure between trust concepts was made explicit by means of a trust taxonomy. This thesis presents the WSACT – or the Web Services Access Control incorporating Trust –model. The model incorporates traditional role-based access control, the trust levels of web services requestors and the attributes of users into one model. This allows web services providers to grant advanced access to the users of trusted web services requestors, in contrast to the limited access that is given to users who make requests through web services requestors with whom a minimal level of trust has been established. Such flexibility gives a web services provider the ability to foster meaningful business relationships with others, which portrays humanistic forms of trust. The WSACT architecture describes the interacting roles of an authorisation interface, authorisation manager and trust manager. A prototype finally illustrates that the incorporation of trust is a viable solution to the problem of web services access control when decisions of an autonomous nature are to be made. Computer Science unrestricted 2013-09-07T03:37:24Z 2008-07-15 2013-09-07T03:37:24Z 2006-09-07 2008-07-15 2008-07-10 Thesis a 2006 http://hdl.handle.net/2263/26173 http://upetd.up.ac.za/thesis/available/etd-07102008-075251/ © University of Pretoria 20 application/pdf University of Pretoria |
| spellingShingle | Virtual infrastructures Security domains Computing resources UCTD WSACT : a model for Web Services access control incorporating trust |
| title | WSACT : a model for Web Services access control incorporating trust |
| title_full | WSACT : a model for Web Services access control incorporating trust |
| title_fullStr | WSACT : a model for Web Services access control incorporating trust |
| title_full_unstemmed | WSACT : a model for Web Services access control incorporating trust |
| title_short | WSACT : a model for Web Services access control incorporating trust |
| title_sort | wsact a model for web services access control incorporating trust |
| topic | Virtual infrastructures Security domains Computing resources UCTD |
| url | http://hdl.handle.net/2263/26173 http://upetd.up.ac.za/thesis/available/etd-07102008-075251/ |