Advisory Committee Chair
Advisory Committee Members
Date of Award
Degree Name by School
Doctor of Philosophy (PhD) College of Arts and Sciences
Today's Internet and network-based applications are highly driven by the service-oriented architecture model. Given the variety of online services, we hypothesized that there is a significant non-uniformity in the behavior of users pertaining to security-oriented practices on the Internet. We performed statistical analysis on open source user-survey datasets to establish the validity of the statement. We performed further study with respect to the security-oriented behavioral practices in developing countries. We were able to determine certain traits and insecure practices that general Internet users from both developed and developing countries adopt, and addressed the corresponding issues to devise secure authentication technologies for online services. However, rapid growth in the number and type of online services has resulted in adopting diverse authentication models. Cross-platform and service composition architectures require a complex integration procedure and limit adoptability of newer authentication models. Authentication is generally based on a binary success-failure and relies on credentials proffered at the present moment without considering how or when the credentials were obtained by the subject. The resulting access control engines suffer from rigid policies and complexity of management. We adopted notions of real-life authentication with similar causal effects in service computing architectures. We introduced the concept of interaction provenance in service oriented computing as the only and unified authentication factor. Interaction provenance uses the causal relationship of past events to leverage service composition, cross-platform integration, timeline authentication, and easier adoption of newer methods. We presented a W3C PROV standard compliant model for interaction provenance, including secure provenance preservation techniques for service oriented computing architectures. We also applied the concept of interaction provenance to create secure frameworks for provenance-aware services. Next, we explored the causal relationship of interaction provenance with the quality of past events to create a flexible and novel authentication and threshold based access control engine using fuzzy policies. We showed how linguistic terminologies, fuzzy ranges, and visualization of contour maps can be used to create simple yet innovative policies with additional benefits in the usability and maintenance of such systems.
Khan, Rasib Hassan, "Towards Trustworthy Authentication in Service Oriented Computing" (2016). All ETDs from UAB. 2135.