Managing Trust in Active XML

Abstract : Active XML combines XML data and service calls to allow a simple and powerful Web services implementation. Security in Active XML is currently handled by matching the structure of the received data with an XML schema representing the allowed data (including service calls). This solution is not fully satisfactory in case of an open environment where the services do not often know or trust each other. Moreover, the strength of Active XML lies in its simple and dynamic structure, and the modified XML schemas used for security matching can quickly limit the allowed services, or give too much freedom to services that should not be trusted. Given that the result of an Active XML service call is some Active XML data (that may include more service calls), Active XML data is recursive, thus involving more security concerns. We propose a new framework based on the notion of Trust (Trusted Active XML) for handling security in Active XML. In this framework, "trusted" services' answers are not restricted to a specific data schema, while "untrusted" ones are prevented from performing some unwanted operations.
Document type :
Conference papers
Complete list of metadatas

https://hal.archives-ouvertes.fr/hal-01586242
Contributor : Équipe Gestionnaire Des Publications Si Liris <>
Submitted on : Tuesday, September 12, 2017 - 4:14:52 PM
Last modification on : Tuesday, February 26, 2019 - 11:49:41 AM

Identifiers

Citation

Etienne Canaud, Salima Benbernou, Mohand-Said Hacid. Managing Trust in Active XML. IEEE International Conference on Services Computing, Sep 2004, Shanghai, China. pp.41-48, ⟨10.1109/SCC.2004.1357988⟩. ⟨hal-01586242⟩

Share

Metrics

Record views

82