Bootstrapping trust in service oriented architecture

dc.contributor.advisor Hridesh Rajan Hosamani, Mahantesh
dc.contributor.department Computer Science 2018-08-23T18:48:34.000 2020-06-30T07:40:08Z 2020-06-30T07:40:08Z Mon Jan 01 00:00:00 UTC 2007 2007-01-01
dc.description.abstract <p>Services in a service-oriented architecture are designed to meet desired functional and non-functional requirements. Conformance of a service implementation to its functional requirements can be tested by observing the interface of the service but it is hard to enforce non-functional requirements such as data privacy and safety properties by monitoring the interface alone. Instead the implementation of the service need to be monitored for its conformance to the non-functional properties. A requirement's monitor can be deployed to check this conformance. A key problem is that such monitor must execute in an untrustworthy environment (at the service provider's location).;We argue that the integrity of the reported results of such a monitor crucially depends on the integrity of the monitor itself. Previous research results on trustworthy computing has shown that static properties, such as the checksum, of a remote program can be verified using a hardware-based mechanism called trusted platform module.;This thesis makes two contributions. First, we extend the traditional notion of a service-oriented architecture to accommodate the requirements for trust. Second, we propose a dynamic attestation mechanism that serves to support our extensions. To evaluate our approach, we have conducted a case study using a commercial requirements monitor and a collection of web service implementations available with Apache Axis implementation. Our case study demonstrates the feasibility of verifying the conformance of a web service executing in an untrusted environment with respect to a class of non-functional requirements using our approach. Lack of data privacy during online transactions is a major cause of concern among e-commerce users. By providing a technique to monitor such properties in a decoupled environment our work promises to address the issue of guaranteeing the privacy of confidential client data on the provider's side in a Service Oriented Architecture.</p>
dc.format.mimetype application/pdf
dc.identifier archive/
dc.identifier.articleid 15879
dc.identifier.contextkey 7007748
dc.identifier.s3bucket isulib-bepress-aws-west
dc.identifier.submissionpath rtd/14880
dc.language.iso en
dc.source.bitstream archive/|||Fri Jan 14 20:27:59 UTC 2022
dc.subject.disciplines Computer Sciences
dc.subject.keywords Computer science
dc.title Bootstrapping trust in service oriented architecture
dc.type article
dc.type.genre thesis
dspace.entity.type Publication
relation.isOrgUnitOfPublication f7be4eb9-d1d0-4081-859b-b15cee251456 thesis Master of Science
Original bundle
Now showing 1 - 1 of 1
442.93 KB
Adobe Portable Document Format