{"title":"Web 2.0应用中用户控制访问管理的体系结构和协议","authors":"Maciej P. Machulak, A. Moorsel","doi":"10.1109/ICDCSW.2010.37","DOIUrl":null,"url":null,"abstract":"The rapidly developing Web environment provides users with a wide set of rich services as varied and complex as desktop applications. Those services are collectively referred to as ``Web 2.0'', with examples such as Google Docs, Flickr, or Wordpress, that allow users to create, manage and share their content online. By switching from desktop applications to their cloud-based Web equivalents users release even more data online. It is the user who creates this data, who disseminates it and who shares it with other users and services. Storing and sharing resources on the Web poses new security challenges. Access control, in particular, is currently poorly addressed in such an environment and is not well suited to the increasing number of resources that are available online. We propose a new approach to access control for the Web. Our approach puts a user in full control of assigning access rights to their resources which may be spread across multiple cloud-based Web applications. Unlike existing authorization systems, it relies on a user's centrally located security requirements for these resources.","PeriodicalId":133907,"journal":{"name":"2010 IEEE 30th International Conference on Distributed Computing Systems Workshops","volume":"109 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Architecture and Protocol for User-Controlled Access Management in Web 2.0 Applications\",\"authors\":\"Maciej P. Machulak, A. Moorsel\",\"doi\":\"10.1109/ICDCSW.2010.37\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The rapidly developing Web environment provides users with a wide set of rich services as varied and complex as desktop applications. Those services are collectively referred to as ``Web 2.0'', with examples such as Google Docs, Flickr, or Wordpress, that allow users to create, manage and share their content online. By switching from desktop applications to their cloud-based Web equivalents users release even more data online. It is the user who creates this data, who disseminates it and who shares it with other users and services. Storing and sharing resources on the Web poses new security challenges. Access control, in particular, is currently poorly addressed in such an environment and is not well suited to the increasing number of resources that are available online. We propose a new approach to access control for the Web. Our approach puts a user in full control of assigning access rights to their resources which may be spread across multiple cloud-based Web applications. Unlike existing authorization systems, it relies on a user's centrally located security requirements for these resources.\",\"PeriodicalId\":133907,\"journal\":{\"name\":\"2010 IEEE 30th International Conference on Distributed Computing Systems Workshops\",\"volume\":\"109 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-06-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 IEEE 30th International Conference on Distributed Computing Systems Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICDCSW.2010.37\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE 30th International Conference on Distributed Computing Systems Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICDCSW.2010.37","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Architecture and Protocol for User-Controlled Access Management in Web 2.0 Applications
The rapidly developing Web environment provides users with a wide set of rich services as varied and complex as desktop applications. Those services are collectively referred to as ``Web 2.0'', with examples such as Google Docs, Flickr, or Wordpress, that allow users to create, manage and share their content online. By switching from desktop applications to their cloud-based Web equivalents users release even more data online. It is the user who creates this data, who disseminates it and who shares it with other users and services. Storing and sharing resources on the Web poses new security challenges. Access control, in particular, is currently poorly addressed in such an environment and is not well suited to the increasing number of resources that are available online. We propose a new approach to access control for the Web. Our approach puts a user in full control of assigning access rights to their resources which may be spread across multiple cloud-based Web applications. Unlike existing authorization systems, it relies on a user's centrally located security requirements for these resources.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
