Merida, Yucatan, Mexico
Nov. 9, 2009 to Nov. 11, 2009
The World Wide Web offers easy sharing of information, but provides only few options for the protection of sensitive information and other sensitive resources. Traditional protection mechanisms rely on the characterization of requesters by identity, which works well in a closed system with a known set of users. Trust negotiation protocols have emerged as a solution for open environments such as the Web, in which parties may make connections and interact without being previously known to each other. In this paper we present an access control framework for the Web that not only provides advanced protection mechanisms for static resources but also personalized generation of content. Our approach separates security from the application logic, integrates a flexible and expressive policy language, enables (possibly automated) interactions with human and software agents, and boosts user awareness and cooperative enforcement of such policies.
policies, content protection
Sergej Zerr, Daniel Olmedilla, Juri L. De Coi, Wolfgang Nejdl, Piero A. Bonatti, Luigi Sauro, "Policy Based Protection and Personalized Generation of Web Content", LA-WEB, 2009, Web Congress, Latin American, Web Congress, Latin American 2009, pp. 112-119, doi:10.1109/LA-WEB.2009.19