TY - GEN
T1 - An architectural approach for assessing system trust based on security policy specifications and security mechanisms
AU - Bahtiyar, Şerif
AU - Cihan, Murat
AU - Çaǧlayan, Mehmet Ufuk
PY - 2009
Y1 - 2009
N2 - We investigate trust relationships between and within a security policy and a security mechanism to assess system trust of software application. It has been recognized that trust assessment of security systems in dynamic environments with multiple entities, each with its own changing needs from the security mechanisms, is a complex task. In this paper, we propose a novel architectural approach to assess system trust of service oriented environments. The primary goal of this architecture is to show a way for constructing an automated system for trust assessment of web services. Particularly, we consider beliefs of an entity about a speci.c security mechanism of a service and the behavior of the service. In addition, we present new trust metrics for assessing system trust of a web service. Furthermore, trust and trust related issues in literature are reviewed to make clear the pros of our approach for trust assessment.
AB - We investigate trust relationships between and within a security policy and a security mechanism to assess system trust of software application. It has been recognized that trust assessment of security systems in dynamic environments with multiple entities, each with its own changing needs from the security mechanisms, is a complex task. In this paper, we propose a novel architectural approach to assess system trust of service oriented environments. The primary goal of this architecture is to show a way for constructing an automated system for trust assessment of web services. Particularly, we consider beliefs of an entity about a speci.c security mechanism of a service and the behavior of the service. In addition, we present new trust metrics for assessing system trust of a web service. Furthermore, trust and trust related issues in literature are reviewed to make clear the pros of our approach for trust assessment.
KW - Assessment
KW - Trust
UR - http://www.scopus.com/inward/record.url?scp=70350634081&partnerID=8YFLogxK
U2 - 10.1145/1626195.1626214
DO - 10.1145/1626195.1626214
M3 - Conference contribution
AN - SCOPUS:70350634081
SN - 9781605584126
T3 - SIN'09 - Proceedings of the 2nd International Conference on Security of Information and Networks
SP - 71
EP - 74
BT - SIN'09 - Proceedings of the 2nd International Conference on Security of Information and Networks
T2 - 2nd International Conference on Security of Information and Networks, SIN'09
Y2 - 6 October 2009 through 10 October 2009
ER -