The Community for Technology Leaders
2010 IEEE 30th International Conference on Distributed Computing Systems Workshops (2010)
Genova, Italy
June 21, 2010 to June 25, 2010
ISSN: 1545-0678
ISBN: 978-0-7695-4079-5
pp: 62-71
ABSTRACT
The rapidly developing Web environment provides users with a wide set of rich services as varied and complex as desktop applications. Those services are collectively referred to as ``Web 2.0'', with examples such as Google Docs, Flickr, or Wordpress, that allow users to create, manage and share their content online. By switching from desktop applications to their cloud-based Web equivalents users release even more data online. It is the user who creates this data, who disseminates it and who shares it with other users and services. Storing and sharing resources on the Web poses new security challenges. Access control, in particular, is currently poorly addressed in such an environment and is not well suited to the increasing number of resources that are available online. We propose a new approach to access control for the Web. Our approach puts a user in full control of assigning access rights to their resources which may be spread across multiple cloud-based Web applications. Unlike existing authorization systems, it relies on a user's centrally located security requirements for these resources.
INDEX TERMS
security, access control, Web 2.0, usability, authorization
CITATION

M. P. Machulak and A. v. Moorsel, "Architecture and Protocol for User-Controlled Access Management in Web 2.0 Applications," 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops(ICDCSW), Genova, Italy, 2010, pp. 62-71.
doi:10.1109/ICDCSW.2010.37
101 ms
(Ver 3.3 (11022016))