Policy Based Protection and Personalized Generation of Web Content

Policy Based Protection and Personalized Generation of Web Content

The World Wide Web offers easy sharing of information, but provides only few options for the protection of sensitive information and other sensitive resources. Traditional protection mechanisms rely on the characterization of requesters by identity, which works well in a closed system with a known s...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Zerr, Sergej, Olmedilla, Daniel, De Coi, Juri L., Nejdl, Wolfgang, Bonatti, Piero A., Sauro, Luigi
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access control
Access protocols
Application software
Authorization
content protection
Humans
Information security
Logic
policies
Protection
Web pages
Web sites
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The World Wide Web offers easy sharing of information, but provides only few options for the protection of sensitive information and other sensitive resources. Traditional protection mechanisms rely on the characterization of requesters by identity, which works well in a closed system with a known set of users. Trust negotiation protocols have emerged as a solution for open environments such as the Web, in which parties may make connections and interact without being previously known to each other. In this paper we present an access control framework for the Web that not only provides advanced protection mechanisms for static resources but also personalized generation of content. Our approach separates security from the application logic, integrates a flexible and expressive policy language, enables (possibly automated) interactions with human and software agents, and boosts user awareness and cooperative enforcement of such policies.
DOI:10.1109/LA-WEB.2009.19