Research Article
Resource Classification Based Negotiation in Web Services
@INPROCEEDINGS{10.1109/IAS.2007.54, author={Diala Abi Haidar and Nora Cuppens and Frederic Cuppens and Herve Debar}, title={Resource Classification Based Negotiation in Web Services}, proceedings={3rd International ICST Symposium on Information Assurance and Security}, publisher={IEEE}, proceedings_a={IAS}, year={2007}, month={9}, keywords={Access control Interoperability Negotiation Trust}, doi={10.1109/IAS.2007.54} }- Diala Abi Haidar
Nora Cuppens
Frederic Cuppens
Herve Debar
Year: 2007
Resource Classification Based Negotiation in Web Services
IAS
IEEE
DOI: 10.1109/IAS.2007.54
Abstract
rust establishment is necessary in every negotiation between entities from different security domains. It is seen as a first step before gaining access to protected resources. In this paper, we introduce a new classification methodology for protected resources. We use this classification to define the behavior of entities within a state based negotiation process. This process is enforced by two modules, the negotiation module and the exception treatment module. The first one intercepts all the requests for access. It collects credentials and exchanges policies according to the available negotiation policies. The second one is called by the first one whenever an exception is raised. An exception is a non negotiated denied access or locked negotiation.
