An adaptable distributed trust management framework for large-scale secure service-based systems

A major advantage of service-based computing systems is the ability to enable rapid formation of large-scale distributed systems by composing available services to achieve the system goals, regardless of the programming languages and platforms used to develop and/or run these services. For these systems, which often involve communications among multiple organizations over various networks, high confidence and adaptability are of primary concern to ensure that users can access these systems anywhere and anytime through various devices, knowing that their security and privacy are well protected under various situations. In this paper, an adaptable distributed trust management framework for large-scale service-based systems is presented. This framework includes a meta-model with a formal specification language for situation-aware security policies, and tools for generating and deploying security agents to evaluate and enforce trust decisions based on security policies, credentials and situational information. With this framework, large-scale service-based systems can incorporate distributed trust management to meet their trustworthiness requirements under various situations.