In this paper, we propose a trust enhanced distributed authorisation architecture (TEDA) that provides a holistic framework for authorisation taking into account the state of a user platform. The model encompasses the notions of 'hard' and 'soft' trust to determine whether a platform can be trusted for authorisation. We first explain the rationale for the overall model and then describe our hybrid model with 'hard' and 'soft' trust components, followed by a description of the system architecture. We then illustrate our implementation of the proposed architecture in the context of authorisation for web services. We discuss the results and demonstrate that such a trust enhanced approach could enable better authorisation decision making, especially in a distributed environment where user platforms are subject to dynamic security threats. © 2014 Elsevier Inc.
Nagarajan, A., Varadharajan, V., & Tarr, N. (2014). Trust enhanced distributed authorisation for web services. In Journal of Computer and System Sciences (Vol. 80, pp. 916–934). Academic Press Inc. https://doi.org/10.1016/j.jcss.2014.02.002