论文信息 - A System for Interactive Authorization for Business Processes for Web Services

A System for Interactive Authorization for Business Processes for Web Services

Business Processes for Web Services are the new paradigm for virtual organization. In such cross organizational partnerships no business partner may guess a priori what kind of credentials will be sent by clients nor the clients may know a priori the needed credentials for the successful completion of a business process. This requires an interaction between server and clients.

Fabio Massacci | Hristo Koshutanski

[1] Marianne Winslett,et al. Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation , 2003, TSEC.

[2] Fabio Massacci,et al. An access control framework for business processes for web services , 2003, XMLSEC '03.

[3] Joon S. Park,et al. Access control mechanisms for inter-organizational workflow , 2001, SACMAT '01.

[4] Peter Sewell,et al. Cassandra: flexible trust management, applied to electronic health records , 2004, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004..

[5] Elisa Bertino,et al. The specification and enforcement of authorization constraints in workflow management systems , 1999, TSEC.

[6] Fabio Massacci,et al. Interactive Access Control for Web Services , 2004, SEC.

[7] Ninghui Li,et al. Design of a role-based trust-management framework , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[8] Ninghui Li,et al. Distributed Credential Chain Discovery in Trust Management , 2003, J. Comput. Secur..

[9] David W. Chadwick,et al. The PERMIS X.509 role based privilege management infrastructure , 2002, SACMAT '02.

[10] Vijayalakshmi Atluri,et al. A Chinese wall security model for decentralized workflow systems , 2001, CCS '01.