As the manufacturing and process industries become more intelligent and more distributed, the need for reliable, secure, and verifiable data exchange becomes more acute. We have developed an approach to distributed data security based upon Web services. Each Web service specifies its authentication and authorization policies using WS-Policy documents combined with our novel concepts of trust levels and trust level mappings across domains. An authentication Web service verifies human identity via biometric and other digital techniques; software applications are vetted by digital signatures. An authorization Web service enforces a dynamic, context-aware access policy. Federation is used to manage trust relationships across separate but cooperating trust domains.
Published in:
Factory Communication Systems, 2004. Proceedings. 2004 IEEE International Workshop on
Date of Conference: 22-24 Sept. 2004