A Framework for Web Services Security Policy Negotiation

In today’s business environment, the use of web services technology is becoming more popular. This growth has been met with an increase of security related attacks, which has caused web services providers to adopt stricter security policies. As not all web service consumers can implement the security requirements of web services providers, they may turn to use the services of other providers. In order to address this problem, this paper introduces a framework for a web services security policy negotiation system that web services consumers and providers can use to negotiate a customised security contract. The framework is defined over current web services technology, to be used by business-to-business (B2B) web services collaborations. The inflexibility of current security policy specification languages for negotiation is overcome, by incorporating human intuitiveness supported by an intelligent negotiation support system.

[1]  Dickson K. W. Chiu,et al.  Enabling Web Services Policy Negotiation with Privacy preserved using XACML , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[2]  Yijun Li,et al.  Information exchange and conflict analysis in e-business negotiation support system , 2005, Proceedings of ICSSSM '05. 2005 International Conference on Services Systems and Services Management, 2005..

[3]  Injoo Jang,et al.  Policy Negotiation System Architecture for Privacy Protection , 2008, 2008 Fourth International Conference on Networked Computing and Advanced Information Management.

[4]  Walid G. Aref,et al.  Security models for web-based applications , 2001, CACM.

[5]  Gregory E. Kersten,et al.  WWW-based negotiation support: design, implementation, and use , 1999, Decis. Support Syst..

[6]  Jeffrey Hasan,et al.  Expert Service-Oriented Architecture in C# 2005, Second Edition , 2004 .

[7]  Tung X. Bui,et al.  Negotiation Support Systems Minitrack , 2005, Proceedings of the 38th Annual Hawaii International Conference on System Sciences.

[8]  Cheng Wu,et al.  A Semi-automated Negotiation Process to Improve the Usability for Online Marketplaces , 2007, 7th IEEE International Conference on Computer and Information Technology (CIT 2007).

[9]  Peter L. Reiher,et al.  Negotiating Agreements Using Policies in Ubiquitous Computing Scenarios , 2007, IEEE International Conference on Service-Oriented Computing and Applications (SOCA '07).

[10]  R. Buyya,et al.  Towards a Meta-Negotiation Architecture for SLA-Aware Grid Services , 2008 .

[11]  Jeffrey Hasan Expert Service-Oriented Architecture in C# , 2004, Apress.

[12]  Yufei Yuan,et al.  A Web-Based Negotiation Support System , 1998, Electron. Mark..

[13]  Asit Dan,et al.  Web services agreement specification (ws-agreement) , 2004 .

[14]  Asir S Vedamuthu,et al.  Web Services Policy 1.5 - Framework , 2007 .

[15]  Gregory E. Kersten,et al.  Negotiation Support Systems and Software Agents in E-Business Negotiations , 2001 .

[16]  Jeffrey M. Bradshaw,et al.  KAoS policy management for semantic Web services , 2004, IEEE Intelligent Systems.

[17]  Yuqiang Feng,et al.  The Crucial Problem of the NSS in the Ecommerce , 2007, The 2007 International Conference on Intelligent Pervasive Computing (IPC 2007).

[18]  M. Shakun,et al.  Mediator: Towards a Negotiation Support System , 1985 .

[19]  Patrick C. K. Hung,et al.  WS-Negotiation: an overview of research issues , 2004, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.

[20]  George Yee,et al.  Security Personalization for Internet and Web Services , 2008 .

[21]  L. Thompson,et al.  The Mind and Heart of the Negotiator , 1997 .

[22]  Elaine Lawrence,et al.  Automating Contract Negotiation , 2008, Fifth International Conference on Information Technology: New Generations (itng 2008).

[23]  Russell Lock Automated Negotiation for Service Contracts , 2006, 30th Annual International Computer Software and Applications Conference (COMPSAC'06).

[24]  N. R. Jennings,et al.  To appear in: Int Journal of Group Decision and Negotiation GDN2000 Keynote Paper Automated Negotiation: Prospects, Methods and Challenges , 2022 .

[25]  G. Kersten,et al.  INSS-A New Approach in Designing Web-Based Negotiation Support Systems , 2006 .

[26]  Anne H. Anderson An introduction to the Web Services Policy Language (WSPL) , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..

[27]  Gregory E. Kersten,et al.  Supporting International Negotiation with a WWW-Based System , 1997 .

[28]  Phillip Hallam-Baker,et al.  Web services security: soap message security , 2003 .