Web services are increasingly utilized in people’s daily lives to achieve various functionalities. Trustworthiness has become a critical factor for service provision and governance. The lack of effective trust establishment mechanisms impedes the deployment of diverse trust models for web services. One important issue is that collaborating organizations need mechanisms to bridge extant relationships among cooperating parties. Meanwhile, a trust establishment mechanism for web services must ensure privacy and owner control at all times due to the subjectivity of trust relationships. As an alternative and complementary approach to direct trust establishment, we describe an indirect trust establishment mechanism to bridge and build new trust relationships from extant trust relationships with privacy protection. Another issue is the lack of mechanisms that can directly establish trust relationships with privacy-preserving capabilities for web services. Current web service technologies encourage a service requester to reveal all its private attributes in a pre-packaged digital credential to the service provider to fulfill the requirements for verification. This may lead to privacy leakage. We propose a mechanism whereby the service requester discovers the service provider’s requirements from a web service policy document, then formulates a trust primitive by associating a set of attributes in a pre-packaged credential with a semantic name, signed with the requester’s digital signature, to negotiate a trust relationship. Thus the service requester’s privacy is preserved because only those attributes required to build a trust relationship are revealed.
TopIntroduction
Web services facilitate collaborations and interoperations between business partners, software agents, service providers and consumers, which promote loosely coupled and dynamic service-oriented architectures. But they do not address the business aspects of interactions such as security, access control, business partner selection, service level agreement monitoring, and auditing – the activities that build trust between a consumer and a provider of a web service and that will ultimately determine which services are used and which are not. The issues of trustworthiness are tightly bound in the minds of consumers. For example, a consumer would generally trust the Citibank online services to conduct online banking in a secure and responsible manner, because Citibank has a massive physical network of banks and has been in the financial market over one hundred years. On the other hand, a consumer probably wouldn't entrust his/her savings to a newly launched financial institution with no obvious connections to any legitimate business. The point here is that as web services begin to gain a foothold in electronic business, critical services will probably be limited to extensions of pre-existing business relationships with already trusted companies.
How can a business service provider engender new trust or transfer trust to a new consumer via an existing agent? And how can two companies establish a trust relationship in order to provide and consume business services or share information over web services? They have to negotiate in order to establish a conventional business trust relationship, and so they would almost certainly want to do the same for a trust relationship using web services. Web service standards UDDI (Clement, 2004), WSDL (Chinnici, 2007), and SOAP (Gudgin, 2007) say nothing about this. Thus, although it would be possible to find a web service to use just by examining a UDDI registry, it is unlikely to be used prior to investigation of its reputation and reliability. To establish a trust relationship, the consumer and the service provider require a negotiation process. The negotiation process needs to exchange trust-related information between the two parties. The parties can exchange private attributes to build the trust relationship directly, or they can use pre-established relationships to build a new one via a trusted third party. Exchange of private attributes may put the privacy of the consumer and the service provider at risk. For example, a hacker may pretend to be a consumer to access useful information from the service provider. More seriously, a hacker can pretend to be a service provider to gather private attributes from consumers for malicious usage. We need to reduce that risk. As an alternative, using pre-established relationships may be a more convenient and more secure way.