A General and Flexible Access-Control System for the Web
Proceedings of the 11th USENIX Security Symposium
Architectural styles and the design of network-based software architectures
Architectural styles and the design of network-based software architectures
Usable Access Control for the World Wide Web
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Organizing and sharing distributed personal web-service data
Proceedings of the 17th international conference on World Wide Web
Lockr: social access control for web 2.0
Proceedings of the first workshop on Online social networks
On the need for user-defined fine-grained access control policies for social networking applications
Proceedings of the workshop on Security in Opportunistic and SOCial networks
Secure file system services for web 2.0 applications
Proceedings of the 2009 ACM workshop on Cloud computing security
Secure Web 2.0 Content Sharing Beyond Walled Gardens
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Architecture and Protocol for User-Controlled Access Management in Web 2.0 Applications
ICDCSW '10 Proceedings of the 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops
Expressive and Deployable Access Control in Open Web Service Applications
IEEE Transactions on Services Computing
Design and implementation of user-managed access framework for web 2.0 applications
Proceedings of the 5th International Workshop on Middleware for Service Oriented Computing
Hi-index | 0.00 |
Web 2.0 technologies have made it possible to migrate traditional desktop applications to the Web, resulting in a rich and dynamic user experience and in expanded functionality. Individuals can create and manage their content online, and they are not only consumers of Web services, but also active participants on the Web platform. As a result, potentially large amounts of personal, sensitive, and valuable data is put online, spread across various Web services. Users sometimes share this data with other users and services on the Web, but are also concerned about maintaining privacy and sharing their data securely. Currently, users must use diverse access control solutions available for each Web service to secure data and control its dissemination. When such mechanisms are used on a daily basis, they add considerable overhead, especially since these mechanisms often lack sophistication with respect to functionality as well as user interfaces. To alleviate this problem, we discuss a novel approach to access management for Web resources that includes a user as a core part of its model. The proposal puts the user in charge of assigning access rights to resources that may be hosted at various Web applications. It facilitates the ability of users to share data more selectively using a centralized authorization manager which makes access decisions based on user instructions.