Design and implementation of user-managed access framework for web 2.0 applications

Middleware for Service Oriented Computing Pub Date : 2010-11-29 DOI:10.1145/1890912.1890913

Maciej P. Machulak, Lukasz Moren, A. Moorsel

{"title":"Design and implementation of user-managed access framework for web 2.0 applications","authors":"Maciej P. Machulak, Lukasz Moren, A. Moorsel","doi":"10.1145/1890912.1890913","DOIUrl":null,"url":null,"abstract":"Web 2.0 applications allow individuals to manage their content online and to share it with other users and services on the Web. Such sharing requires access control to be put in place. Existing access control solutions, however, are unsatisfactory as they do not offer the functionality that users need in the open and user-driven Web environment. Additionally, such solutions are often custom-built and require substantial development effort, or use existing frameworks that provide benefits to developers only.\n New proposals such as User-Managed Access (UMA) show a promising solution to authorization for Web 2.0 applications. UMA puts the end user in charge of assigning access rights to Web resources. It allows users to share data more selectively using centralized authorization systems which make access decisions based on user instructions. In this paper, we present the UMA/j framework which implements the UMA protocol and allows users of Web applications to use their preferred authorization mechanisms. It also supports developers in building access control for their Web 2.0 applications by providing ready-to-use components that can be integrated with minimum effort.","PeriodicalId":376035,"journal":{"name":"Middleware for Service Oriented Computing","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-11-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Middleware for Service Oriented Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1890912.1890913","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

Web 2.0 applications allow individuals to manage their content online and to share it with other users and services on the Web. Such sharing requires access control to be put in place. Existing access control solutions, however, are unsatisfactory as they do not offer the functionality that users need in the open and user-driven Web environment. Additionally, such solutions are often custom-built and require substantial development effort, or use existing frameworks that provide benefits to developers only. New proposals such as User-Managed Access (UMA) show a promising solution to authorization for Web 2.0 applications. UMA puts the end user in charge of assigning access rights to Web resources. It allows users to share data more selectively using centralized authorization systems which make access decisions based on user instructions. In this paper, we present the UMA/j framework which implements the UMA protocol and allows users of Web applications to use their preferred authorization mechanisms. It also supports developers in building access control for their Web 2.0 applications by providing ready-to-use components that can be integrated with minimum effort.

查看原文本刊更多论文

web 2.0应用程序用户管理访问框架的设计与实现

Web 2.0应用程序允许个人在线管理他们的内容，并在Web上与其他用户和服务共享。这种共享需要适当的访问控制。然而，现有的访问控制解决方案并不令人满意，因为它们不能提供用户在开放和用户驱动的Web环境中所需的功能。此外，这样的解决方案通常是定制的，需要大量的开发工作，或者使用仅为开发人员提供好处的现有框架。用户管理访问(User-Managed Access, UMA)等新提议为Web 2.0应用程序的授权提供了一个很有前景的解决方案。UMA让最终用户负责为Web资源分配访问权限。它允许用户使用基于用户指令做出访问决策的集中式授权系统更有选择性地共享数据。在本文中，我们提出了UMA/j框架，它实现了UMA协议，并允许Web应用程序的用户使用他们首选的授权机制。它还支持开发人员为其Web 2.0应用程序构建访问控制，方法是提供可以轻松集成的即用组件。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Middleware for Service Oriented Computing

自引率

0.00%

发文量