Requirements of federated trust management for service-oriented architectures

Abstract

With the emergence of an effective infrastructure supporting Grid Computing and Web Services, service-oriented computing has been growing over the last few years, and service-oriented architectures are becoming an important computing paradigm. When different trust domains control different component services, trust management plays a critical role to smooth the collaboration among component services. The federation of these component services makes new demands for managing trust-related behavior. Although many extant trust management systems deal with intradomain trust behaviors, there is a growing need for effective strategies for managing inter-domain behaviors. In this paper we explore requirements for a federated trust management system. The purpose of this paper is not to suggest a single type of system covering all necessary features; instead, its purpose is to initiate a discussion of the requirements arising from inter-domain federation, to offer a context in which to evaluate current and future solutions, and to encourage the development of proper models and systems for federated trust management. Our discussion addresses issues arising from trust representation, trust exchange, trust establishment, trust enforcement, and trust storage.