Browse by author
Lookup NU author(s): Maciej Machulak, Professor Aad van Moorsel
The rapidly developing Web environment provides users with a wide set of rich services as varied and complex as desktop applications. Those services are collectively referred to as \Web 2.0", with examples such as Google Docs, Wikipedia, Wordpress or Flickr, that allow users to create, manage and share their content online. By switching from desktop applications to their Web equivalents more and more data gets released online. It is the user who creates data, who shares and disseminates this data, and who accesses it. Storing and sharing resources over a highly collaborative \Web 2.0" environment poses new security challenges. Access control, in particular, is currently poorly addressed in such an environment and is not well suited to the increasing amount of resources that is available online. We propose a novel approach to access control for the Web. Our approach puts a user in full control of their resources which may be scattered across multiple Web applications. Unlike existing authorisation systems, it relies on a user's centrally located security requirements for those resources. In this paper we present a set of use cases that could be addressed with our User-Centric Access Control approach. We discuss those use case scenarios from the perspective of individuals and organisations that make use of \Web 2.0" applications. We present examples of architectures that could provide required functionality of each scenario. Additionally, we discuss those use cases and point out challenges and problems that require further consideration.
Author(s): Machulak M, van Moorsel A
Publication type: Report
Publication status: Published
Series Title: School of Computing Science Technical Report Series
Year: 2009
Pages: 54
Print publication date: 01/08/2009
Source Publication Date: August 2009
Report Number: 1165
Institution: School of Computing Science, University of Newcastle upon Tyne
Place Published: Newcastle upon Tyne
URL: http://www.cs.ncl.ac.uk/publications/trs/papers/1165.pdf
