
Research On Trust-Based Access Control In Web Service

Posted on: 2010-08-07; Degree: Doctor; Type: Dissertation
Country: China; Candidate: X N Ma
GTID: 1118360302495258; Subject: Computer application technology
Abstract/Summary:
In Web Service, authorization exposes service providers to uncertainty, vulnerability, and risk. Authorization alone cannot guarantee that providers obtain income. As a technology for strengthening authorization, current access control research on Web Service still focuses on security: it is used to deal with attacks and threats, and cannot resolve the problems above. In this paper, trust-based access control of Web Service is researched. Each permission is assigned a corresponding trust threshold. By using the thresholds to select suitable requestors to authorize, providers can control requestors' actions after authorization, obtain more income, and face less uncertainty, vulnerability, and risk. The research work and achievements of this paper are as follows:

1. Based on an in-depth analysis of the authorization problem, trust-based access control of Web Service is defined formally. The authority policy and the decision-making mechanism of trust-based access control for Web Service are then analyzed in depth. The authority policy defines the trust thresholds of the different permissions, and the decision-making mechanism determines how to make a decision based on the trust threshold and the trust value.

2. A trust-based access control model of Web Service, WS-TBAC, is designed, based on WS-Trust, WS-Federation, SAML, and XACML. WS-TBAC receives from providers the algorithm and data for trust computation and the policy used in access control. Acting in place of the providers, it computes the trust value of requestors and evaluates whether they are trustworthy enough to be authorized. Finally, WS-TBAC gives requestors a trust token, which contains the result of whether they can be authorized. WS-TBAC is designed as an independent entity, like an authentication center, and can be used flexibly.

3. A method for establishing the relationship between permissions and trust thresholds is designed using the Analytical Hierarchy Process (AHP). This relationship is saved in the authority policy model, so management of the authority policy model should be researched. The method achieves the following functions: different permissions have their own trust thresholds; new requestors can access permissions and interact directly with providers.

4. A new algorithm for computing the trust value in Web Service is designed. The algorithm uses direct trust to compute the trust value. The trust value is the sum over all direct interactions, for all permissions, between requestors and providers. The trust value from one direct interaction is based on the difference between the real income and the provider's expected income. The weights in the algorithm are computed through AHP, and the function in the algorithm is obtained by function fitting. The trust computation algorithm is consistent with the method for establishing the relationship between permissions and trust thresholds, and achieves the following functions: requestors accumulate trust and gain access to new permissions, and providers select suitable requestors to authorize; requestors whose real income does not comply with the providers' expected income are punished.

5. Simulation. A simulation with different trust thresholds is designed to show that the WS-TBAC model can ensure providers' income. A comparison between other algorithms and the algorithm in this paper is designed to show that the algorithm in this paper performs better.

To summarize, trust-based access control sets trust thresholds for the different permissions in order to select suitable requestors to authorize, controlling requestors' actions after authorization. As a result, providers' income can be ensured, and the issues of uncertainty, vulnerability, and risk can be reduced.
Keywords/Search Tags:Web Service, Authorization, Access Control, Trust, eXtensible Access Control Markup Language (XACML)
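
An added illustration of the threshold decision and trust accumulation described in items 1, 3 and 4 of the abstract; it is not code from the dissertation. The permission names, comparison matrix, thresholds and scoring function are constructed assumptions (the dissertation obtains its function by fitting), and the AHP weights are treated here as per-permission weights computed with the row geometric-mean approximation.

```python
import math

PERMISSIONS = ["query", "order", "refund"]  # constructed permission names

# Constructed reciprocal pairwise-comparison matrix (Saaty scale):
# entry [i][j] says how much more sensitive permission i is than permission j.
PAIRWISE = [
    [1.0, 1 / 3, 1 / 5],
    [3.0, 1.0, 1 / 2],
    [5.0, 2.0, 1.0],
]

# Constructed trust thresholds; 0.0 lets a requestor with no history start.
THRESHOLDS = {"query": 0.0, "order": 0.05, "refund": 0.5}


def ahp_weights(matrix):
    """AHP priority vector via the row geometric-mean approximation."""
    n = len(matrix)
    means = [math.prod(row) ** (1.0 / n) for row in matrix]
    total = sum(means)
    return [m / total for m in means]


WEIGHTS = dict(zip(PERMISSIONS, ahp_weights(PAIRWISE)))


def interaction_trust(real_income, expected_income, penalty=2.0):
    """Assumed scoring function: relative income gap, shortfalls weighted harder."""
    gap = (real_income - expected_income) / expected_income
    gap = max(-1.0, min(1.0, gap))  # clamp so one interaction cannot dominate
    return gap if gap >= 0 else penalty * gap


def trust_value(history):
    """Weighted sum of direct interactions; items are (permission, real, expected)."""
    return sum(WEIGHTS[p] * interaction_trust(r, e) for p, r, e in history)


def authorize(permission, history):
    """Decision mechanism: grant when accumulated trust meets the threshold."""
    return trust_value(history) >= THRESHOLDS[permission]


if __name__ == "__main__":
    good = [("query", 12, 10), ("query", 12, 10), ("query", 13, 10)]
    bad = good + [("order", 50, 100)]  # real income is half of what was expected
    for name, hist in [("new", []), ("good", good), ("after shortfall", bad)]:
        print(name, round(trust_value(hist), 3),
              {p: authorize(p, hist) for p in PERMISSIONS})
```
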