TY - GEN
T1 - Usage control in service-oriented architectures
AU - Pretschner, Alexander
AU - Massacci, Fabio
AU - Hilty, Manuel
PY - 2007
Y1 - 2007
N2 - Usage control governs the handling of sensitive data after it has been given away. The enforcement of usage control requirements is a challenge because the service requester in general has no control over the service provider's information processing devices. We analyze applicable trust models, conclude that observation-based enforcement is often more appropriate than enforcement by direct control over the service provider's actions, and present a logical architecture that blends both forms of enforcement with the business logics of serviceoriented architectures.
AB - Usage control governs the handling of sensitive data after it has been given away. The enforcement of usage control requirements is a challenge because the service requester in general has no control over the service provider's information processing devices. We analyze applicable trust models, conclude that observation-based enforcement is often more appropriate than enforcement by direct control over the service provider's actions, and present a logical architecture that blends both forms of enforcement with the business logics of serviceoriented architectures.
UR - http://www.scopus.com/inward/record.url?scp=37249079159&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-74409-2_11
DO - 10.1007/978-3-540-74409-2_11
M3 - Conference contribution
AN - SCOPUS:37249079159
SN - 9783540744085
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 83
EP - 93
BT - Trust, Privacy and Security in Digital Business - 4th International Conference, TrustBus 2007, Proceedings
PB - Springer Verlag
T2 - 4th International Conference on Trust, Privacy and Security in Digital Business, TrustBus 2007
Y2 - 4 September 2007 through 6 September 2007
ER -