A Literature Review on Trust Management in Web Services Access Control

International Journal on Web Service Computing (IJWSC), Vol.4, No.3, September 2013
DOI : 10.5121/ijwsc.2013.4301 1
A Literature Review on Trust Management in Web
Services Access Control
R.Joseph Manoj1
and Dr.A.Chandrasekar2
1
Research Scholar, Manonmaniam Sundaranar University, Tirunelveli, Tamilnadu, India
&
Associate Professor, Department of MCA, St.Joseph’s College of Engineering, Chennai,
India,
2
Professor, Department of CSE, St.Joseph’s College of Engineering, Chennai, India
ABSTARCT
Web Service is a reusable component which has set of related functionalities that service requesters can
programmatically access from the service provider and manipulate through the Web. One of the main
security issue is to secure web services from the malicious requesters. Since trust plays an important role in
many kinds of human communication, it allows people to work under insecurity and with the risk of
negative cost, many researchers have proposed different trust based web services access control model to
prevent malicious requesters. In this literature review, various existing trust based web services access
control model have been studied also investigated how the concept of a trust level is used in the access
control policy of a service provider to allow service requester to access the web services.
KEYWORDS:
Web Services, Access model, security, trust, trust model.
1. INTRODUCTION
A Web Services is a method which is used to communicate between two electronic devices over
the web. Web Services are a set of methods and functions that are described by a Web Services
Description Language (WSDL) and published using Universal Description Discovery and
Integration (UDDI). Web Services are becoming a popular technology which brings great
economic benefits to people in the development of complex web applications.
Web services describes a standardized way of integrating Web-based applications using the
XML, Simple Object Access Protocol (SOAP), WSDL and UDDI open standards over an Internet
protocol backbone. XML is used to tag the data, SOAP is used to transfer the data, WSDL is used
for describing the services available and UDDI is used for listing what services are available.
Used primarily as a means for businesses to communicate with each other and with clients, Web
services allow organizations to communicate data without intimate knowledge of each other's IT
systems behind the firewall.

2
Unlike traditional client/server models, such as a Web server/Web page system, Web services do
not provide the user with a GUI. Web services instead share business logic, data and processes
through a programmatic interface across a network. Web services allow different applications
from different sources to communicate with each other without time-consuming custom coding,
and because all communication is in XML, Web services are not tied to any one operating system
or programming language. Web services are sometimes called application services.
However it also brings a lot of security issues at the same time. The main security issue is
malicious user access of web services. This is the crucial security issue every service provider
face now. To avoid various security issues both providers and requesters’ follows identity and
trust policies.
1.1 Web Services Architecture
The following principles that make the implementation of the web service architecture are as
follows:
• Message orientation— Messages only used to communicate between services and
messages often have a life beyond a given transmission event.
• Protocol composability— This principle avoids issue of monolithic application through
the use of communications protocol that may be used in nearly any combination.
• Autonomous services— These services allows endpoints to be independently built,
deployed, managed, versioned, and secured.
• Managed transparency— It makes the endpoints are (and are not) visible to external
services.
• Protocol-based integration— It is restricting cross-application coupling to wire artifacts
only
Web services architecture is depicted in Fig 1,
Fig 1: Web Services architecture
In the web services architecture, there are three main operations 1.Serivce provider Publishes web
Services in registries 2.Service requester finds the service 3.Service requester and provider
interaction through secure message passing protocol. Service requester and service provider are
playing important role. Service provider is the person who provides services to different users

3
through web. Service requester is the person who access service from the service provider
through web. Service registry facilitates requester to discover the service available in the registry
1.2 Web Services Security
Web Services, like common web applications relies on the same HTTP transport protocol and the
basic web architecture. Hence it is susceptible to similar threats and vulnerabilities. The security
mechanism called as Web Service Security (WS-Security) that provides rich extension features to
SOAP to secure web services. It is a member of the WS-Security family of web service
specifications and was published by OASIS (Web Services Security – Wikipedia).
Basic concepts that web services Security are based on the following characteristics (Bertino,
Carminati and Ferrari, 2001; Han, Park and Lim, 2011; Nordbotten, 2009; Singhal, Winograd and
Scarfone, 2007; Web Services Security – Wikipedia):
1. Identification and Authentication: Verifying the identity of the user, process or device to
allow access to a resource or information system
2 Authorization: The permission to use a resource
3. Integrity: The property which doesn’t allow the data to be modified in any unauthorized
manner while in storage, processing
4. Non-repudiation: Non-denial by either sender or receiver of having sent or received the
information, respectively
5. Confidentiality: Preserving authorized restriction and information access
6. Privacy: This is restricting the access of customer according to organizational Policy and law.
The open community has developed different security standards for Web Services. Few of
Security standards of web services are as follows.
1.WS-Trust: It is describing the framework for trust models that enables web services to operate
securely
2.WS-Policy: Describe the conditions of the security policies to restrict access of entities.
3.WS-Privacy: Describes a model of state privacy preferences of service provider and requester.
4.WS-Security: Describes security mechanisms such as attach signatures and encryption to
SOAP messages
5.WS-Federation: Describe to manage the trust relationships in a heterogeneous environment.
6.WS-SecureConversation:This standard describes about managing and authenticating message
exchanges between parties including security context exchange
7.WS-ReliableMessaging. This standard allows web services and clients to trust when a message
is sent.
8.WS-AtomicTransactions. This standard allows transaction-based web services in which
transactions can be rolled back in the event of a failure.

4
The industry has contributed much work to the security issues in web services, including two
major standards:
1. Security Assertion Markup Language (SAML)
2. eXtensible Access Control Markup Language (XACML).
SAML defines an XML framework for exchanging authentication and authorization information
for securing Web services.
XACML is an XML access control framework which specifies access control policies for Web-
based resources. Other emerging web service specifications include WS-Security and WS-Policy.
WS-Security is a specification for securing SOAP messages using XML Encryption and XML
Signature standards. WS-Policy framework is used to stipulate the security policies in terms of
their characteristics and features such as required security tokens, encryption algorithms, privacy
rules, etc.
The rest of this paper is organized as follows: Section 2 says about web services access control.
Section 3 discusses concepts for trust management. Section 4 analyses trust based access model
in web services. Section 5 provides details of trust metrics for services and service requester.
Section 6 says about policy representation. Concluding remarks are given in Section 7. Future
direction has been provided the way to enhance the existing models is given in section 8.
2. WEB SERVICES ACCESS CONTROL
Access control model for a web service is to restrict the set of clients or subjects that can invoke
the operations offered by the service. Because the clients are usually not known a priori,
credentials are adopted to enforce access control. Credentials are assertions describing the
properties that are used to implement trust between the service provider and service
requester.Access control policies define rules stating that only subjects with certain credentials
satisfying specific conditions can interact with a web service.
Access control is not a new paradigm, which has been widely studied in the literature and
especially in database systems; only recently work on security for web service has emerged as an
important part of the Web service. Most access control approaches assume a single operation
model where operations are independent from each other. Access control is either enforced at the
level of the entire web service or at the level of single operations.
Initially, the web service may ask the client to provide all the credentials associated with all
operations of that Web service in advance. This approach guarantees that a client will always
arrive at the end of the conversation. However, this approach has an issue that the client will
become aware of all policies on the base of which access control is enforced. Another issue is that
the client may have to submit more credentials than needed. An alternative strategy is to require
only the credentials associated with the next operation that the client wants to perform. This
strategy has the advantage of asking from the client only the necessary credentials to access the
requested operation. However, the client is continuously solicited to provide credentials for each
transition.

5
Access control for Web services is already becoming the hot topic in the field of Web services
security. Therefore, an effective access control model is needed to avoid this kind of malicious
user behaviors. Some of the traditional access control models are discussed below
Role-Based Access Control (RBAC) [1] is the one of the most important and widely used Web
Service access control scheme. In such access control schemes, clients are assigned roles that
contain permissions in order to gain a secure access to specific Web Services.
Attribute-Based Access Control (ABAC) models add more dynamicity to the traditional RBAC
systems [2].These models make use of attributes owned by the clients, the providers, and some
other attributes related to the environment. Decisions are be made to allow or deny the request
based on all these attributes
Context Aware Access Control; RBAC and ABAC access models are providing ways to include
contextual information (Bacon et.al, 2002; Huselboch et.al. 2005; Strembeck and Neumann,
2004).Other access control models that spotlight on context have been proposed as follows
Governance Based Access Control (GBAC) [3] The basic idea of the concept is that transactions
must be controlled by the relevant legislation to which the organizations sharing the information
are accountable. Hence any request for information is verified against the existing laws or
regulations before it is granted the permission.
Session Based Access Control (SBAC) [3], here the context of a transaction is limited to a
session. Access to resources restricted based on the attributes of the subjects and the properties of
the objects but the rights that can be applied at a given time are limited based on the context
defined by the access session (Fernandez and Pernul, 2006)
Location-Based Access Control (LBAC) permits the requester to access the resource based on
requester's physical location which may be pooled with other attributes related to identity of the
requester. Ardagna et.al (2006) proposes combining location with user credentials to support
access control decisions.
The Global Roles scheme [21] is one technique where global Web Services rely on global roles.
This composition combines more than one local service from different providers. Therefore, the
global roles must contain information about all the local services invoked by the global service.
Other systems use policy files, instead of global roles, in both single and composite scenarios in
order to check the validity of the client’s request and its possession of the right permissions.
Further analysis and operations must be performed in composite Web Services to combine the
policy files for all involved services.
Semantic Access Control (SAC) [33] is a new kind of access control model, which uses machine
reasoning at a semantic level to determine whether, let the requests pass according to the semantic
descriptions of the policies, requests, resources and other entities.SAC more scalable, more
applicable to dynamic environments with heterogeneous and complex access criteria. Since the
foundation of SAC is the semantic web technologies, it cannot be applied in all access control
fields.
Trust-Based Access Control systems (TBAC) [21] are different from the previous access control
schemes since clients’ trust levels are dynamically calculated based on some statistical analysis of

6
behaviors, activities and previous access attempts. Thus, service violations and bad client
behavior lead to a decrease of the trust level, whereas good behavior leads to an increase in the
trust level.
2.1. General access control model architecture
The access control architecture presented by XACML standard [35] from OASIS is depicted in
Fig 2.
Fig 2: General access control model architecture
The below Architecture specifies five main actors to handle access decisions:(1) Policy
Enforcement Point (PEP), (2) Policy Decision Point (PDP), (3) Policy Information Point (PIP),
(4) Policy Administration Point (PAP), and (5) Context handler.
Policy Enforcement Point (PEP) is responsible for enforcing policy decisions. It processes an
event and sends a formatted request to the PDP (Step 4). The PDP responds with a decision and

7
the associated actions which the PEP will carry out (Steps 9 and 10). The PEP then acts upon the
returned result by allowing the request to proceed or by denying the action in case of respectively
a positive or a negative authorization decision (Step 11).
Policy Decision Point (PDP) is a policy evaluation engine. The PDP receives authorization
requests from PEP (Step 5) and evaluates these requests against authorization policies retrieved
from the PAP (Step 1). Policy Information Point (PIP) retrieves necessary attributes for the policy
evaluation from several external or internal actors (Step 8) such as resource to be accessed,
environment, subjects, and so forth.
Policy Administration Point (PAP) holds all the policies used by PDP.
Context handler mediates between the different components of the XACML access control
architecture.
2.2 Access Control Constraints and Actions
Web services access control models introduces detailed definitions of the constraint categories as
follows
Mapping Constraint: Constraints imposed on role-user, permission-role or trust level-role
assignment
Attribute constraints: Describes the constraints of attributes in order to gain access to a certain
service.
Context constraints: Restrict access based on the environmental attributes such as time, location,
or environmental state available.
Behavior constraints: Behavior constraints on an entity determine if the entity is allowed to
offer services or use the services while the behavior constraints on the mapping determine if the
mapping relation can continue to exist Web Services access control models have two main types
of actions.
Static action: The constraints which have static action are related to restriction characteristics
based on fixed conditions
Dynamic action: It has dynamic action are the constraints that require a set of context
information only available at runtime environment and may change over time Web services are at
the heart of many e-business systems. Thus, securing the Web Service is critical process. So that
developing effective framework for accessing web services is unavoidable.
3. CONCEPTS OF TRUST MANAGEMENT
The trustworthiness of a network is reflected in three aspects: trust of web services, trust of users,
and trust of network transmission. In open networks, the relatively independent trust domains
formed by organizations have local user entities, service resources, and trust authentication
authorities, which set up local certification services and provide the certification services of
shared service resources in the domain.
Therefore, when a user accesses resource in the different domains, there is a trust issue of
authentication, namely subject identity authentication for resource requester and object service

8
authentication for resource provider. The former concerns whether a service requestor has access
to the resource provider, that is to say, the access rights of service requestor; while the latter
considers whether services of an object are available to the requester, namely the service trust of
object.
Trust and reputation are related with each other closely [4].However, trust is quite a complicated
phenomenon, the concept itself carrying many meanings. If entity A recognizes that entity B will
do whatever A expects in strict way, then A will trust B. A is trustful and B is credible.
Trust can be defined as “Trust T is a function of a pair (TR, TE) where TR is a trustor who has a
certain level trust on others and TE is the trustee who is trusted by the trustor. The output of this
function TV is a trust level which is often represented by a value. T: TR * TE -> TV.
This above definitions includes all the relevant components of a trust interaction. It includes the
situation or context, implies risk is involved and defines the two main actors such as trustor and
trustee of any trust based information exchange. Trustor is the agent who releases the
information, and the trustee, the agent being trusted the trustor is a service provider practicing
electronic commerce on the Internet, and the trustee is either a business partner or an individual
requiring access to the trustor services [5].
An overview of the trust management approach to authorization and access control is given in Fig
3
Fig 3: communication between requester, provider and trust-management system.
1. Requester request for service
2. Provider gathers information and sends to trust manager for trust verification
3. Trust manager verifies trust and give the result to provider
4. Accept/deny request of requester based on trust manager result
3.1. Features of Trust
Although the definition of trust is not strict standard, but overall, the trust has the following
features.
1. Subjectivity There may be different trust degree for the same entity among different
entities.
2. Context it is not only to consider the influences of subjective consciousness, but also to
contact with the specific environments and context, when entity evaluates the trust
relationship. Namely, it is context dependency.

9
3. Asymmetry A trusts B. whereas, it may not correct.
4. Dynamic Trust relationship between entities is not eternal. It will be changed
dynamically when the requestor’s behaviors change. For example, the trust degree will
decrease with the passage of time.
5. Measurable the subjective trust evaluation can be measured accurately by many decisive
factors.
3.2. Need of Trust Management
Trust is a measure of relation between a pair of entities. This measure can be used as a calculus to
make further decisions. Trust can be helpful in solving many problems, including resource access,
filtering information, and resolving inconsistencies.
To illustrate trust occurring process, consider a valid user name with a correct password must be
given to gain access of object. According to the systems trust assigning mechanism, the
information proves the user is trusted by the computer’s administrator. Obviously after the system
believes the identity that the user claims, it will give certain access rights of accessing bunch of
resources in this system to that user. In contrary, though it is not so obvious, it is also a trust from
the user to that system. Because when system asks the user to prove his identity, it is expected
that the user will reveal certain amount of credentials to the system. It shows that the user
believes that the credential receiver will not spread out its credentials.
Information comes from diverse sources is the advantages of the Web. However these
information also brings the problem forever needs to be solved accompanying with usage of the
Web since these information is of varying quality. We make judgment to select which
information to read and believe. Web users make these judgments routinely, since there is huge
amount of information relevant to a given query in the search engine’s results.
However this manual decision done by human must be automated from a semantic web agent’s
view. They need to automatically make these judgments to choose each information unit while
performing a task. This is a important point where trust is being applied to in filtering
information. After relevant information is filtered, there is still enormous information, ranging
from institutional to personal, from governmental to private citizen from formal report to
editorial. The question of whether that information can be trusted to be true or correct still exist,
though the provider of it is not trying to lie or cheat.
Recently there are two main kinds of approaches emerging to solve inconsistencies occurred on
the Semantic Web. One way to deal with inconsistencies is to first diagnose and then repair them.
Another approach to deal with inconsistent ontologism is to avoid the inconsistency and to apply
a non-standard reasoning method to obtain answers that are still meaningful, even though they
have been obtained from an inconsistent ontology
3.3. Trust Sources
There are two broad types of trust 1.Direct trust 2.Indirect trust. The direct trust of an entity can
be determined directly from the history of interactions of entity. The indirect trust of an entity can
be determined by other entities experiences indirectly.

10
There are three different subcategories of indirect trust such as reputations, recommendations and
referrals. A reputation can be seen as the general feedback about the character or behavior of an
entity. A recommendation is that a user trusts a service because of some suggestion or feedback
got from a trusted central authority. A referral means a service consumer trusts a service because
of some distributed referrals got from known trusted third party software agent [5]
3.4 Trust Computation
Trust Manager to compute the trust for a requester based on the reliability of the service which
has been used. They have considered the uncertainty factors that arise in trust evaluation. For
example, the factors are distrust, low trust, not clear enough, likely trust and absolute trust. These
can be represented as float values from 0 to 1 or 1 to 10. The service access permission will be
granted or denied based on the trust values computed by Trust manager dynamically.
3.5. Initial Trust and limits
There are some issues occurs when one client interacts with another for the first time. A new
client in an environment creates a problem, especially for the systems which is based on solely on
reputation. It has to assign an initial level of trust to this new client, so that other clients will
interact with the new client. It could not start off without any trust for there would be no way for
a new client on the system to ever gain trust.
3.6 Types of Trustor
There are three commonly used kinds of trustor. [4]
1. Global trustor: In a context, if trustees are globally trusted, i,e all trustors have the same trust
for each trustee, they form into a global trustor.
2. Group trustor: In fact, the global trustor mechanism can be viewed as a special form of this
type of trustor formalism – group trustor, when there is only one group. However when the
granularity falls onto group level, a significant change and new characteristic comes out. That is,
trustors can be trustees of others and trustees also can be trustors of other trustees at the same
time.
3. Individual: Naturally the next level of trustor is individual. Trust among individuals is often
derived from observations. Observation can be done either as an active participant of
collaboration, or as a silent third party.
The trust research can be organized as four major areas [8]. They are as follows
(1) Policy-based trust: policies are used to establish trust, managing credentials and controls
accessing entity. This type of trust generally consider that trust is established by obtaining a
sufficient amount of credentials pertaining to a specific party, and use that policies to grant the
party certain access rights.
2) Reputation-based trust: In this type reputation plays an important role. reputation is used to
establish trust, where past performances of an entity are combined to determine its future

11
behavior. Research in reputation-based trust uses the history of an entity’s behavior to compute
trust, and may use referral based trust in the absence of first-hand knowledge.
(3) General models of trust: Trust models are useful for analyzing human and agenized trust
decisions and to operate computable models of trust. Work in modeling trust describes values that
play a role in computing trust, and leans more on work in psychology and sociology for a
decomposition of what trust comprises. Modeling research ranges from simple access control
polices to analyses of competence, beliefs, risk, importance, utility, etc.
(4) Trust in information resources: Trust is a common factor in web research because which
determines web resources and web sites are trustworthy. Moreover, trust on the Web has different
uses and meanings, including getting ratings from users about the quality of information and
services they have used, how web site design influences trust on content and content providers,
propagating trust over links, etc.
In the web service interactions, the participants can establish trust based on 1) Peer-To-Peer trust
model 2) Trust Chain Model (TC) and 3) Trusted Third Party Model (TTP). In P2P Model,
participants should share their trust relations on a one-by-one basis which is not scalable. In TC
Model, each participant stabilizes their trust relation with its direct ancestor, which is not flexible
for dynamic service integrations. In the TTP model, all participants get the credentials from a
trusted third party [5]
In many applications (such as E-Commerce, Internet Shopping), the interaction between subject
and object is established on the basis of trust [32]. We usually say we believe someone or
someone is credible. That means it is low impossible to do good for us about his/her behavior so
as to we can consider to cooperate with him/her. Correspondingly, we say that someone is
unreliable, which means the possibility is quite low. Entity makes the decision for above two
possibilities according to the subjective initiative [5]. Many examples show that the interaction is
more reliable based on trust. So, it is very essential to adopt the concept of trust in access control.
3.7 Study of Existing Trust Based Access Models
There are number of researchers have done their work on trust based models in web services.
Some of them are as follows.
Bayesian Network based trust and reputation model for web service selection is given in [4]. This
approach has three sources for trust calculation such as reputation, QOS monitoring and direct
experience of consumer this model, author tried to overcome some earlier limitations by
integrating the mentioned sources to find the trust value. The user can specify their expectations
of services based on QoS, rating mechanism based on consumer feedback on each quality
attribute after each transaction, checking whether the feedback is reliable or not and to match the
services by finding the similarity of trust rater value and requestor expectation value using
Euclidean method.
Galiziaet.al. [9] presented a trust model for accessing web service. It follows Trusted Third Party
based approach for the classification of the web services with the help of Internet Reasoning
Service tool.

12
Surya Nepal et al. (2010) [10] developed a fuzzy based trust management framework for web
service. Initially, they developed a data model based on consumer views on QoS attributes that
evaluates the reputation of services. Secondly, they proposed the fuzzy based linguistic query
model to parse the requested query to evaluate by different query processing algorithm. They
have not addressed some issues such as trust bootstrapping, propagation, retaliation, reciprocation
and dishonest or biased ratings.
Priority based trust (PB) model presented in [11] for service selection in general service oriented
environments. It follows Reputation based and Trusted Third Party approach. It overcomes the
limitations of Certified Reputation Model. PBTrust model is also getting consumer expectation
on trust for individual service attribute.
Honest agent can give the feedback and ask other participants in same domain about the services.
The reliability of the service is calculated as average of all the feedbacks from participants [13].
The consumer may give the dishonest about the service to make the reputation value to be
decreased. When the trust management center found this dishonest feedback, punishment can be
given to the consumer [12].
Mangling Zhu et al. (2006) [13] designed the social rules on describing the trust relationship
between the provider and consumer in the open environments. Self Confidence Rule which rate
the self confident of service provider about their providing services. Persistence Rule says that a
service provider should be persistent to their goals to achieve better performance. Honest Rule
analyze whether service provider is trustworthy in their commitments. Motivation Rule checks
for motivation in providing services. Reliance Rule estimates the trust from the reliability of
service provider. If an agent was unreliable at previous transactions with a consumer, its
trustworthiness will be decreased. Reputation Rule finds whether it has positive or negative
feedback about providing services from the other agents in the open environment. If an agent
always performed the committed service, then its reliability will increase, consequently reputation
will improve. Trust value of an agent will increase based on their reputation and other dimension
and also it automatically updates their reputation. Finally, they defined a trust is based on
performance, commitments, social attitude and relations of particulars.
Guha et al. (2003) [14] treated each user as a potential information provider. This model proposed
to each user’s trustworthiness by propagating over a network of people connected by ratings or
trust.
Domain trust is a kind of trust concept included in agent knowledge taxonomy proposed by Ding
et al. (2003) [15]. In addition, they defined some slots for each trust concept. The domain slot
bounds with part of trustee’s knowledge to be trusted. This slot helps the trustor find the relevant
agents for a query. The coverage slot shows how much the trustee knows in that domain and
allows the trustor to rank agents by the probability of giving an answer. In addition it also has
accuracy slot to measure the fidelity of an agent’s answer and a reliability slot to show the
confidence that the trustor can get a right answer from the trustee.
Kamvar [16] implemented two basic ideas to combat malicious peers. First idea is that the current
trust values of a peer will not be computed by itself. The other is that malicious peer are assumed
to also return wrong outcomes when they are supposed to compute any peer’s trust level. Thus
the trust value of a peer in the network context is computed by more than one other peer. Based
on this, they conducted experiments on six example models of threat from malicious peers. The

13
most common three models are as following. In the model A where malicious peers always
provide an inauthentic file when selected as the download source, malicious peers are rarely
chosen as the download source. In the model B, besides the actions in model A, malicious peers
additionally form a malicious collective by assigning a single trust value 1 to another malicious
peer in the network. In essence, they form a chain. In model C, besides the malicious collective
described in model B, malicious peers provide an inauthentic file in f% of all cases when selected
by the initiator as download source. Thus malicious peers will not be assumed zero trust values
by other peers in the network hence some peers will be received access permission to the file
from them.
The content trust algorithm by Gil et al. (2006) [17] adopted [-1, 1] as the range of trust values
where -1 is maximum distrust and 1 is maximum trust. The trust value for a default rule in Katz et
al. (2006) [18] is a weighted average of neighbors trust ratings on it. The EigenTrust algorithm
[16] uses the number of satisfactory transactions minus the number of unsatisfactory transactions
as the rating of a peer for another peer. This reflects only the experience with his acquaintances,
however by asking friends’ friends, the peer will have a complete trust view of the network.
Finally any number could be the converged value after iterations. Similarly the TRELLIS system
[19] uses discrete number to represent atomic credibility or reliability and combine them into a
continuous trust value.
Sapna singh et al. (2010) [20] proposed trust based access control model, the privilege for
defining the access levels are given to the publisher where certain constraints will be defined on
each information object being published by the publisher in order to establish a desired trust level
for the subscriber to get access to the information of his interest.
Cesar Ali et al. (2010) [21] proposed a new trust model to access the web services based on
context and role of the services requester. Here too they failed to handle new user trust value
effectively
Shanshan Song and Kai Hwang proposed an enhancing the trust index method of a resource by
upgrading its intrusion defense capabilities and also model checks the success rate of jobs on the
platforms, but the computing of directed trust is not mentioned in [22].
Wang Meng et al. (2009) [23] proposed a Dynamic Trust Model which is based on
recommendation credibility. They suggested a method to differentiate honest and dishonest
recommendation and adjust the of trust values dynamically. This model defines various
participating nodes in the grid as sponsor node, goal node and recommended node.
Gao Ying et al. (2010) [24] proposed a trust model based on behavior to improve web service
security. It is based on the problem in open service grids to establish trust relationship among
different domains. The authors have proposed an algorithm to adjust trust relationships between
domains based on entities interactions and also proposed a technique to process recommendation
trust.
Kai Wei Shaohua Tang [25] proposed a multi layer trust computation model based on direct
search in which service providers need to compute and control the trust of users.
Vivekananth et al (2010) [26] proposed a trust model based on behavior which describes the
consistency of behavior and focused on behavior of entities in different contexts. The total trust is

14
calculated using direct trust and indirect trust. The behavior was tracked using a tracking module.
Based on experiences with the entities, an entity trust level is increased or decreased. A penalty
factor is levied for malicious behavior. The trust factor of two entities may be depending on
penalty, time and context. The penalty factor ranges between 0 and 1. A threshold value is used
and if the total trust value is greater than threshold value then the resource is will be allocated.
Shangzhu Jin et al. (2010) [27] proposed a model in which service requester trust value is
calculated based on based feedback and time decay. It fails to calculate the new user trust value.
Tie-Yan Li et al. (2003) [28] proposed a trust model and trust metrics evaluation algorithms.
There are two levels the upper level specifies the trust relationships among Virtual Organizations
in a distributed manner. The lower level specifies the trust values in a grid domain. This model
provides a trust evaluation mechanism that supports secure services across domains.
Wu Xiaonian et al. (2009) [29] tried to quantify the entities trust according to the entity’s
behaviors. this behavior trust computation model is based on risk evaluation. This model also
features identification of asset, threat and trust
Shashi Bhanwar et al. (2009) [30] proposed a access control model based on trust by determining
reputation and trust of the domain on the basis history of past transactions and rated feedback
value.
Srivaramangai et al. (2010) [31] proposed an access control model based on trust to improve
reliability in grid. This model discussed systems based on reputation can be used in web services
to enhance the reliability of transactions. Reliability can be achieved by establishing mutual trust
between the requester and the provider. Indirect trust is taken as the measure from the reputation
score of other entities. Unreliable feedbacks are eliminated using Spearman’s rank correlation
method.
Shunan Ma et al. (2005) [33] proposed multifactor based access control model for calculating
trust. This model also includes multi-factors trust computation, permission mapping and feedback
module. The result of the paper concludes that model is also suitable for accessing resources in
dynamic environments.
4. TRUST METRICS
4.1. Trust Metrics for service
Execution Time: Is the time taken by a service to execute and process its sequence of activities.
Latency: Is the delay time between sending a request and receiving the response, i.e., the time the
message needs to reach its destination.
Response Time: Is the time required to process and complete a service request.
Availability: Is the probability that a service is up and accessible to use.
Reliability: Ability to perform its function correctly with either no failure or response failure to
the user.
Remedies: Is the most important metric that should be provided by a service provider for each of
its services. Services should provide remedies in case anything goes wrong. Each service has

15
different remedies. For example, if the service is shipment service and there was a delay in
shipment, lower the shipment price can be offered as a remedy. Another example is that if a
service provides a video and the video was slow referred to the subscribed level of a customer,
the service should increase the bandwidth for that customer.
Security: A requestor can trust a service or service provider based on security. Security is an
important factor to be considered in trust establishment.
Privacy: A requestor can trust a service or service provider based on privacy. Privacy is an
important factor to be considered in trust establishment.
Payment Satisfaction: Refers to the degree of the user satisfaction on the offered service based
on the payment, if any. For example, does the service charge the user the same or extra amount,
do users pay extra unexpected fees, etc.
Output/Item satisfaction: Refers to the degree of the user satisfaction on the offered service
based on the output/item provided. For example, do they get the same output/item they
ordered/expected, are they satisfied with the output/item, the quality of the output/item they
received, etc.
Delivery satisfaction: Refers to the degree of the user satisfaction on the offered service based on
the delivery of the item. For example, do they deliver the item on time, do they return the item in
case of dissatisfaction, etc.
4.2. Trust Metrics for service provider
Brand name: A service provider who has a brand name, popular name that is established by a
long term interactions with consumers, may encourage the requestors to use its services. A brand
name can help in the assessment of service providers’ trustworthiness, and this will influence the
economic growth of the service providers positively. Trust-based systems can play an important
role on the establishment of brand names for service providers. A service provider can provide a
name and the system can brand the name based on the level of the trustworthiness of the service
provider.
Web site: A service provider who has a web site may give an important clue for the requestor to
trust the provider and use their services. Web sites may contain information that can assess the
trustworthiness of a service provider.
Retail location: Having physical location, such as physical store, may increase a provider’s
trustworthiness.
Order progress: While order progress is clearer offline, it should be provided online, and this
may increase a provider’s trustworthiness.
Competence: Shows a provider’s ability and capability to provide a service and perform the
function expected from it (i.e., compliance). Competence is more relevant term for the
environment related to services and computing system
Honest: The provider that continuously shows its competence will be honest.
5. TRUST POLICY REPRESENTATION
The trust management policy for a Web service is defined by the contents of SQL views called
permission views. Permission views may refer to regular tables and special tables called

16
certificate tables, or “certtables” for short. Permission views and certtables are described in detail
below [34].
1. Permission View: permission view is, conceptually, a function from the request details to the
access control decision (permit or deny). Let S:m denote a method m provided by a Web service
S. The “arguments” to the permission view for method S:m are stored in a table named
request_S_m, which contains columns invoker (invoker’s public key) and invokerDN (invoker’s
distinguished name), plus columns corresponding to the arguments of method S:m. The
interceptor stores information about the current request in this table before evaluating the
permission view, converting the XML representation of the arguments to an appropriate SQL
representation. If evaluation of the permission view returns a non-empty result set, the request is
permitted; otherwise, it is denied. Views are defined using the trust management service’s
createView method. Its prototype is createView(name, viewDef), where name is the view name,
and viewDef is the body of an SQL view definition.
For example, consider a Web service named HRsvc that provides access to electronic health
records. The service defines a method agentViewItem(byte[] patient, int itemID) that allows a
patient’s agent (e.g., spouse) to view an item in the patient’s health records. The agent table
contains a record with s in the subject column and p in the patient column if s is an agent for p. A
sample permission view for this method is as follows, where requestAVI abbreviates
request_HRsvc_agentViewItem.
createView("permView_HRsvc_agentViewItem", "SELECT * FROM agent, requestAVI
WHERE agent.subject = requestAVI.invoker && agent.patient = requestAVI.patient LIMIT 1")
2. Certificate Table (Certtable): A certificate table, abbreviated as certtable, is a special kind of
table that stores information from specified trusted sources (issuers). Only information obtained
in signed X.509 attribute certificates can be inserted in certtables. A certtable is defined by
invoking the trust management service’s method
createCerttable(name, colDefs, constraint, issuers, fetchFrom, createCerttable(name, colDefs,
constraint, issuers, fetchFrom, releaseTo)
createView(name, viewDef) grant(operation, resource, grantees, grantName) revoke(grantName)
setPermView(service, method, view) where name is the name of the certtable, colDefs is a
comma-separated list of column definitions of the form name type (as in SQL), constraint is a
Boolean expression of the form allowed in the check clause in an SQL create table statement, and
issuers specifies the trusted sources for information stored in this table (in other words, only
information from those sources may be inserted in this table). Issuers may be a public key,
identifying a specific issuer, or a query of the form select column from ctv, where ctv is the name
of a certtable, table, or view. When the allowed issuers are specified using a certtable, table, or
view ctv, if records for an issuer are removed from ctv, certificates issued by that issuer are
automatically removed from the certtable.
For example, if doctors are trusted issuers for information about agents, the agent creatable could
be defined as follows
Createcerttable(name="agent",colDefs="certTypevarchar(30),patientvarchar(1000)",constraint="
certType=’agent’", issuers="select subject from doctor", fetchFrom="issuer", releaseTo="GP for
same patient

17
6. FUTURE WORK
In this literature survey, we presented an overview of different trust based models in web services
access controls. All these models say about managing trust to already registered users. Since we
observed problem in assigning initial trust values for new users, it is necessary to implement a
new technique in future and also these trust evaluation techniques in web services access control
models can also be changed more effective to handle multiple service providers based multifactor
such as Success rate, failure rate, time out etc.,
7. CONCLUSION
This paper presents concepts of trust management in web services access control model and also
analyzed the strategies of various trust models proposed in recent years after introducing the
concept of web services and trust. The existing research is concentrated on trust based on
reputation, behavior, recommendation and identity. The aims of existing access models are to
provide the services qualitatively, uninterrupted manner with trust. So this literature review tried
to provide a report survey and analysis of various access models and their issues.
REFERENCES
[1] S. Haibo and H.Fan, "A context-aware role-based access control model for web services," in IEEE
International Conference on e- Business Engineering, 2005. ICEBE 2005
[2] E. Yuan, J. Tong, B. A. H. Inc, “Attributed based access control for web services," in 2005 IEEE
International Conference on Web Services, 2005. ICWS 2005. Proceedings, 2005
[3] R.Joseph manoj, A.Chandrasekar, M.D.Anto Praveena, Gandhi Desai “AFTAC: Attribute, Feedback
and Time Decay based Access Control for web services”,(ICCCIT 2012)
[4] Hien Trang Nguyen, Weiliang Zhao, Jian Yang, “A Trust and Reputation Model Based on Bayesian
Network for Web Services”, 2010 IEEE International Conference on Web Services
[5] V.Mareeswari, Dr. E. Sathiyamoorthy, “A Survey on Trust in Semantic Web Services” International
Journal of Scientific & Engineering Research, Volume 3, Issue 2, February-2012
[6] Srividya K Bansal, Ajay Bansal, M. Brian Blake, Trust-based Dynamic Web Service Composition
using Social Network Analysis, IEEE Workshop on Business Applications of Social Network, 13th
December 2010.
[7] Damjan Kovac, Denis Trcek, Qualitative trust modeling in SOA, Journal of Systems Architecture 55
(2009) 255–263.
[8] Donovan Artz, Yolanda Gil,” A survey of trust in computer science and the Semantic Web”.
[9] Stefania Galizia, Alessio Gugliotta and John Domingue, A Trust Based Methodology for Web Service
Selection, International Conferences on Semantic Computing, 2007.
[10] Surya Nepal, Wanita Sherchan and Athman Bouguettaya, A Behaviour-Based Trust Model for
Service Web, IEEE international Conference on Service Oriented Computing and Applications,
2010.
[11] Xing Su, Minjie Zhang, Yi Mu, Kwang Mong Sim, PBTrust: A Priority-Based Trust Model for
Service Selection in General Service-Oriented Environments, 2010 IEEE/IFIP International
Conference on Embedded and Ubiquitous Computing.
[12] Yijiao Zhu a, Junhao Wen a, Mingwen Qin a, Guoli Zhou, Web Service Selection Mechanism with
QoS and Trust Management, Journal of Information & Computational Science 8: 12 (2011) 2327–
2334.
[13] Manling Zhu, Lin Liu, Zhi Jin, A Social Trust Model for Services, AWRE 2006 Adelaide, Australia.
[14] R. Guha, R. Kumar, P. Raghavan, and A. Tomkins. 2003. Propagation of Trust and Distrust.
Proceedings of the 13th Annual International World Wide Web Conference, NewYork,

18
[15] L Ding, L Zhou, T Finin, Trust Based Knowledge Outsourcing for Semantic Web Agents, WIC
International Conference on Web Intelligence (WI 2003), 2003
[16] S.D. Kamvar, M.T. Schlosser, H. Garcia-Molina. “The Eigen-Trust algorithm for reputation
management in P2P networks”, In Proc. 12th Int. World Wide Web Conf., 2003.
[17] Y Gil, D Artz, Towards content trust of web resources, Proceedings of the 15th international
conference on World Wide Web, 2006
[18] Yarden Katz and Jennifer Golbeck, Social network-based trust in prioritized default logic in
Proceedings of the twenty-first national conference on artificial intelligence (aaai-06), 2006.
[19] Y. Gil, V. Ratnakar. Trusting Information Sources One Citizen at a Time. Proc. 1st Int. Semantic
Web conf.(ISWC), Sardinia, Italy, 2002
[20] Sapna Singh*, Archana Puri*, Shiksha Smreti Singh*, Anurika Vaish*, S.Venkatesan* A Trust Based
pproach For Secure Access Control In Information Centric Network
[21] Cesar Ali “CATRAC: Context Aware Trust and Role based Access Control for composite web
services” 10th IEEE international Conference on computer and information technology (CIT 2010)
[22] Shanshan Song, Kai Hwang, and Mikin Macwan, “Fuzzy Trust Integration for Security Enforcement
in Grid Computing” NPC 2004, LNCS 3222, pp. 9-21.
[23] Wang Meng; Hongxia Xia; Huazhu Song, “A Dynamic Trust Model Based on Recommendation
Credibility in Grid Domain”, International Conference CiSE, 2009.
[24] Gao Ying; Zhan Jiang, “A layered trust model based on behavior in service grid“, 2nd International
Conference ICACC, 2010.
[25] Kai Wei; Shaohua Tang, “A Multi-level Trust Evaluation Model based on D-S Theory for Grid”,
International Conference CIS '09. 2009.
[26] Vivekananth.P “A Behavior Based Trust Model for Grid Security”, International Journal of
Computer Applications, Volume 5– No.6, 2010.
[27] Shangzhu Jin ; Jun peng Access control for web services based on feedback and time decay” Proc
9th IEEE Int.Conf on cognitive Informatics 2010.
[28] Tie-Yan Li, Huafei Zhu, Kwok-Yan Lam: “A Novel Two-Level Trust Model for Grid”. ICICS 2003.
[29] Wu Xiaonian; Zhang Runlian; Zhou Shengyuan; Ma Chunbo, “Behavior Trust Computation Model
Based on Risk Evaluation in the Grid Environment”, WRI World Congress WCSE '09, 2009.
[30] Bhanwar, S.; Bawa, S, “Establishing and Evaluating Trust in a Grid Environment”, 10th International
symposium ISPAN’09, 2009
[31] Renagaramanujam Srinivasan and Srivaramangai P. “A Comprehensive Trust Model for Improved
Reliability in Grid.”, International Journal of Computer Applications Volume5- No.7,August 2010
[32] Takabi H, Amini M, and Jalili R, “Trust-Based User-Role Assignment in Role-Based Access
Control,” ACS/IEEE International Conference on Computer Systems and Applications2007, The
University of Arizona, Amman, Jordan: AICCSA 2007
[33] X. Wang, J. Luo, A. Song and T. Ma, “Semantic Access Control in Grid Computing”. Proc. 11th
International Conference on Parallel and Distributed Systems, 2005.
[34] Scott D. Stoller,” Trust Management for Web Services”, 2005
[35] Meriam Jemel, Nadia Ben Azzouna, Khaled Ghedira” Towards a Dynamic Access Control Model for
E-government Web Services”, IEEE Asia-Pacific Services Computing Conference,2010
[36] Mui, L., Mohtashemi, M., Halberstadt, A.: “A computational model of trust and reputation”. In: 35th
Annual Hawai International Conference on System Sciences (HICSS’02). Volume 7.IEEE Computer
Society

19
Authors
Joseph Manoj . R, received his MCA degree from Annai Velankanni College affiliated
to Manonmanium Sundaranar University, Tirunelveli, India. M.E(CSE) degree from
Sathyabama University, Chennai, India and Pursuing Ph.D in Computer science &
Engineering in Manonmanium Sundaranar University, Tirunelveli, India.
He is currently working as an Associate Professor in the Department of MCA in
St.Joseph’s College of Engineering, Chennai. His research area is web services security.
Dr.Chandra Sekar A received his B.E (CSE) degree from Angala Amman College of
Engineering and Technology affiliated to Bharathidasan University, M.E (CSE) degree
from A.K. College of Engineering affiliated to Madurai Kamaraj University and
completed his Ph.D in Computer science & Engineering from Anna University,
Chennai, India.
He is currently working as a Professor in the Department of Computer Science &
Engineering in St.Joseph’s College of Engineering, Chennai. His area of interest includes Network
Security, Web Services and Analysis of Algorithms.

A Literature Review on Trust Management in Web Services Access Control

More Related Content

Similar to A Literature Review on Trust Management in Web Services Access Control (20)

Recently uploaded (20)

A Literature Review on Trust Management in Web Services Access Control