3rd International ICST Symposium on Information Assurance and Security

Research Article

Resource Classification Based Negotiation in Web Services

  • @INPROCEEDINGS{10.1109/IAS.2007.54,
        author={Diala  Abi Haidar and Nora  Cuppens and Frederic  Cuppens and Herve Debar},
        title={Resource Classification Based Negotiation in Web Services},
        proceedings={3rd International ICST Symposium on  Information Assurance and Security},
        publisher={IEEE},
        proceedings_a={IAS},
        year={2007},
        month={9},
        keywords={Access control  Interoperability  Negotiation  Trust},
        doi={10.1109/IAS.2007.54}
    }
    
  • Diala Abi Haidar
    Nora Cuppens
    Frederic Cuppens
    Herve Debar
    Year: 2007
    Resource Classification Based Negotiation in Web Services
    IAS
    IEEE
    DOI: 10.1109/IAS.2007.54
Diala Abi Haidar1,2, Nora Cuppens2, Frederic Cuppens2, Herve Debar1
  • 1: France Telecom R&D Caen, 42 rue des coutures BP 6243, 14066 CAEN, France
  • 2: ENST Bretagne, 2 rue de la chataigneraie, 35512 Cesson Sevigne Cedex, France

Abstract

rust establishment is necessary in every negotiation between entities from different security domains. It is seen as a first step before gaining access to protected resources. In this paper, we introduce a new classification methodology for protected resources. We use this classification to define the behavior of entities within a state based negotiation process. This process is enforced by two modules, the negotiation module and the exception treatment module. The first one intercepts all the requests for access. It collects credentials and exchanges policies according to the available negotiation policies. The second one is called by the first one whenever an exception is raised. An exception is a non negotiated denied access or locked negotiation.