Methodologies, tools and languages for building ontologies. Where is their meeting point?
In this paper we review and compare the main methodologies, tools and languages for building ontologies that have been reported in the literature, as well as the main relationships among them. Ontology technology is nowadays mature enough: many methodologies, tools and languages are already available. The future work in this field should be driven towards the creation of a common integrated workbench for ontology developers to facilitate ontology development, exchange, evaluation, evolution and management, to provide methodological support for these tasks, and translations to and from different ontology languages. This workbench should not be created from scratch, but should instead integrate the technology components that are currently available.
Trust negotiation policy management for service-oriented applications
Service-oriented architectures (SOA), and in particular Web services, have quickly become a popular technology to
connect applications both within and across enterprise boundaries. However, as services are increasingly used to
implement critical functionality, security has become an important concern impeding the widespread adoption of SOA.
Trust negotiation is an approach to access control that may be applied in scenarios where service requesters are often
unknown in advance, such as for services available via the public Internet. Rather than relying on requesters'
identities, trust negotiation makes access decisions based on the level of trust established between the requester and
the provider in a negotiation, during which the parties exchange credentials, which are signed assertions that describe
some attributes of the owner.
However, managing the evolution of trust negotiation policies is a difficult problem that has not been sufficiently
addressed to date. Access control policies have a lifecycle, and they are revised based on applicable business
policies. Additionally, because a trust relationship established in a trust negotiation may be long lasting, its
evolution must also be managed. Simply allowing a negotiation to continue according to an old policy may be
undesirable, especially if new important constraints have been added.
In this thesis, we introduce a model-driven trust negotiation framework for service-oriented applications. The
framework employs a model for trust negotiation, based on state machines, that allows automated generation of the
control structures necessary to enforce trust negotiation policies from the visual model of the policy. Our policy
model also supports lifecycle management. We provide sets of operations to modify policies and to manage ongoing
negotiations, and operators for identifying and managing impacts of changes to trust negotiation policies on ongoing
trust negotiations.
The framework presented in the thesis has been implemented in the Trust-Serv prototype, which leverages industry
specifications such as WS-Security and WS-Trust to offer a container-centric mechanism for deploying trust negotiation
that is transparent to the services being protected.