A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
The Java Programming Language
Safe Tcl: a toolbox for constructing electronic meeting places
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
Building systems that flexibly control downloaded executable context
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A distributed object model for the javaTM system
COOTS'96 Proceedings of the 2nd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 2
An authorization framework for metacomputing applications
Cluster Computing
A Scheduling Scheme for Controlling Allocation of CPU Resources for Mobile Programs
Autonomous Agents and Multi-Agent Systems
Providing Fine-grained Access Control for Java Programs
ECOOP '99 Proceedings of the 13th European Conference on Object-Oriented Programming
A Contract-Based Approach of Resource-Constrained Software Deployment
CD '02 Proceedings of the IFIP/ACM Working Conference on Component Deployment
JASON: an open platform for discovering and hosting applications in ad hoc networks
UbiMob '04 Proceedings of the 1st French-speaking conference on Mobility and ubiquity computing
Secure delegation for distributed object environments
COOTS'98 Proceedings of the 4th conference on USENIX Conference on Object-Oriented Technologies and Systems - Volume 4
| Hi-index | 0.00 |
The rapid increase in the Internet's connectivity has lead to proportional increase in the development of Web-based applications. Usage of downloadable content has proved effective in a number of emerging applications including electronic commerce, software components on-demand, and collaborative systems. In all these cases, Internet user agents (like browsers, tuners) are widely used by the clients to utilize and execute such downloadable content. With this new technology of using downloadable content comes the problem of the downloaded content obtaining unauthorized access to the client's resources. In effect, granting a hostile remote principal the requested access to client's resources may lead to undesirable consequences. Hence it is important for the browsers to provide a framework such that the user can fine tune his system according to his trust relationship with the content authors. Currently available systems either do not allow the downloaded content to access any of the local resources or allows all the contents to have the same privileges. In this paper, we present the design and implementation of a model that provides resource access control of a finer granularity for an user agent. Using our model, the client will be able to selectively grant access to resources based on a trust relationship with the principal, who has certified the authenticity of the contents.