Trust-Based Security Management For Web Services

Web services are gaining more and more importance as a technology to develop distributed service-oriented applications. With the growing number of services, especially within corporate networks, the expense to maintain user accounts for every single service grows tremendously.Many researches proposed selection systems to automatically rank and select the optimum web service between the deployed candidates. Others adopt this problem in dynamic environment where the behaviors of web service changes with the time and with the competition with new web services. In the course of this thesis an environment was designed and developed under a Simoffice environment platform with trust-based access control for Web services.The basic idea behind this concept was to create a self maintaining system, where access restrictions are set automatically. For this purpose an algorithm was developed, which mimics the way humans pronounce a judgment about another party. The whole system has to be accessible to every authorized user. To meet the requirements, a mechanism is utilized that most people use everyday. TrustThis trust based approach was finally implemented in the SimOffice case study to demonstrate that this way to maintain user accounts eventually leads to a reduction of effort, even in a system completely based on Web services.This approach intends to mimic the decisions taken by humans when it comes to judging whether an action of an opposing party is beneficial or not. The goal is to create a federation of Web services where security is assured both by common safety techniques for transport and privacy and a trust-based approach for access control.Creating such a system is not an easy task because systems regulated by trust-based mechanisms tend to be unstable in long-term view. This would result in a complete distrust or the counterpart, a blind trust situation. Neither of these two conditions is suitable for a computer system whose main task is to provide a public service. This thesis will treat the problem of establishing trust relationships and evaluate the capabilities of trust-based access control.Furthermore, some ways to extend this approach to systems based on other technologies were discussed.