Trusted Service Discovery Through Identity Management

Abstract

Service oriented environments face threats from unauthorized clients and fake or compromised services. The threats exist both during service discovery and service invocation, and should be mitigated through the same security framework. Through the use of a modern identity management system which offers a combination of key attestation and attributes for access control, more threats can be appropriately addressed. The combination of discovery and identity management results in a more comprehensive threat mitigation, scalable maintenance of security related information and easier federations of security domains. The architecture and protocols of this system combination are presented and discussed.