Web Services Security Policy Assertion Trade-offs

摘要

Web services security requirements and capabilities are described in security policies. To enable the seamless interoperation between services, security policy intersection aims to provide a security policy that will satisfy both the service provider and consumer. Not only are there numerous problems with this approach, but is it also difficult for administrators to evaluate the resultant security level supported by such a policy. In contrast to this approach, security policy trade-off analysis can allow parties to make compromises to accommodate each other, while still achieving a satisfactory security level. This paper focuses on modeling the decisions and compromises to be made by web services providers or consumers to be able to interact with each other securely. The security policy support system built to model this problem employs domain vocabularies, fuzzy techniques and domain-specific preferences.