Resource classification based negotiation in web services

Diala Abi Haidar; Nora Cuppens; Frédéric Cuppens; Hervé Debar

doi:10.1109/IAS.2007.54

Resource classification based negotiation in web services

Diala Abi Haidar
, Nora Cuppens
, Frédéric Cuppens
, Hervé Debar

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Trust establishment is necessary in every negotiation between entities from different security domains. It is seen as a first step before gaining access to protected resources. In this paper, we introduce a new classification methodology for protected resources. We use this classification to define the behavior of entities within a state based negotiation process. This process is enforced by two modules, the negotiation module and the exception treatment module. The first one intercepts all the requests for access. It collects credentials and exchanges policies according to the available negotiation policies. The second one is called by the first one whenever an exception is raised. An exception is a non negotiated denied access or locked negotiation.

Original language	English
Title of host publication	Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security
Pages	313-318
Number of pages	6
DOIs	https://doi.org/10.1109/IAS.2007.54
Publication status	Published - 1 Dec 2007
Externally published	Yes
Event	3rd Internationl Symposium on Information Assurance and Security, IAS 2007 - Manchester, United Kingdom Duration: 20 Aug 2007 → 31 Aug 2007

Publication series

Name	Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security

Conference

Conference	3rd Internationl Symposium on Information Assurance and Security, IAS 2007
Country/Territory	United Kingdom
City	Manchester
Period	20/08/07 → 31/08/07

Keywords

Access control
Interoperability
Negotiation
Trust

Access to Document

10.1109/IAS.2007.54

Cite this

@inproceedings{f10194f4266344ee937c62c85d79bcdb,

title = "Resource classification based negotiation in web services",

abstract = "Trust establishment is necessary in every negotiation between entities from different security domains. It is seen as a first step before gaining access to protected resources. In this paper, we introduce a new classification methodology for protected resources. We use this classification to define the behavior of entities within a state based negotiation process. This process is enforced by two modules, the negotiation module and the exception treatment module. The first one intercepts all the requests for access. It collects credentials and exchanges policies according to the available negotiation policies. The second one is called by the first one whenever an exception is raised. An exception is a non negotiated denied access or locked negotiation.",

keywords = "Access control, Interoperability, Negotiation, Trust",

author = "Haidar, \{Diala Abi\} and Nora Cuppens and Fr{\'e}d{\'e}ric Cuppens and Herv{\'e} Debar",

year = "2007",

month = dec,

day = "1",

doi = "10.1109/IAS.2007.54",

language = "English",

isbn = "0769528767",

series = "Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security",

pages = "313--318",

booktitle = "Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security",

note = "3rd Internationl Symposium on Information Assurance and Security, IAS 2007 ; Conference date: 20-08-2007 Through 31-08-2007",

}

Haidar, DA, Cuppens, N, Cuppens, F & Debar, H 2007, Resource classification based negotiation in web services. in Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security., 4299792, Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security, pp. 313-318, 3rd Internationl Symposium on Information Assurance and Security, IAS 2007, Manchester, United Kingdom, 20/08/07. https://doi.org/10.1109/IAS.2007.54

Resource classification based negotiation in web services. / Haidar, Diala Abi; Cuppens, Nora; Cuppens, Frédéric et al.
Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security. 2007. p. 313-318 4299792 (Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Resource classification based negotiation in web services

AU - Haidar, Diala Abi

AU - Cuppens, Nora

AU - Cuppens, Frédéric

AU - Debar, Hervé

PY - 2007/12/1

Y1 - 2007/12/1

N2 - Trust establishment is necessary in every negotiation between entities from different security domains. It is seen as a first step before gaining access to protected resources. In this paper, we introduce a new classification methodology for protected resources. We use this classification to define the behavior of entities within a state based negotiation process. This process is enforced by two modules, the negotiation module and the exception treatment module. The first one intercepts all the requests for access. It collects credentials and exchanges policies according to the available negotiation policies. The second one is called by the first one whenever an exception is raised. An exception is a non negotiated denied access or locked negotiation.

AB - Trust establishment is necessary in every negotiation between entities from different security domains. It is seen as a first step before gaining access to protected resources. In this paper, we introduce a new classification methodology for protected resources. We use this classification to define the behavior of entities within a state based negotiation process. This process is enforced by two modules, the negotiation module and the exception treatment module. The first one intercepts all the requests for access. It collects credentials and exchanges policies according to the available negotiation policies. The second one is called by the first one whenever an exception is raised. An exception is a non negotiated denied access or locked negotiation.

KW - Access control

KW - Interoperability

KW - Negotiation

KW - Trust

U2 - 10.1109/IAS.2007.54

DO - 10.1109/IAS.2007.54

M3 - Conference contribution

AN - SCOPUS:46749116030

SN - 0769528767

SN - 9780769528762

T3 - Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security

SP - 313

EP - 318

BT - Proceedings - IAS 2007 3rd Internationl Symposium on Information Assurance and Security

T2 - 3rd Internationl Symposium on Information Assurance and Security, IAS 2007

Y2 - 20 August 2007 through 31 August 2007

ER -

Resource classification based negotiation in web services

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this