An access control model for dynamic client-side content

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

An access control model for dynamic client-side content

Full text

Pdf (608 KB)

Source

Symposium on Access Control Models and Technologies archive
Proceedings of the eighth ACM symposium on Access control models and technologies table of contents

Como, Italy

SESSION: Dynamic Access Control table of contents

Pages: 207 - 216

Year of Publication: 2003

ISBN:1-58113-681-1

Authors

Adam Hess	Brigham Young University, Provo, UT
Kent E. Seamons	Brigham Young University, Provo, UT

Sponsors

ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 3, Downloads (12 Months): 62, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues peer to peer

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/775412.775440 What is a DOI?

ABSTRACT

The focus of access control in client/server environments is on protecting sensitive server resources by determining whether or not a client is authorized to access those resources. The set of resources are usually static, and an access control policy associated with each resource specifies who is authorized to access the resource. In this paper, we turn the traditional client/server access control model on its head, and address how to protect the sensitive content that clients disclose to servers. Since client content is dynamically generated at runtime, the usual approach of associating a policy with the resource (content) a priori does not work. In this paper, we propose an access control model for protecting client-side content that is dynamically generated and disclosed at runtime. Our model identifies sensitive content, maps the sensitive content to an access control policy, and establishes the trustworthiness of the server before disclosing the sensitive content to the server. The model targets open systems, where clients and servers do not have preexisting trust relationships. We have implemented the model within TrustBuilder, an architecture for negotiating trust between strangers based on properties other than identity. The implementation is the first example of content-triggered trust negotiation and currently supports access control for sensitive content disclosed by web and email clients.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Elisa Bertino , Silvana Castano , Elena Ferrari, On specifying security policies for web documents with an XML-based language, Proceedings of the sixth ACM symposium on Access control models and technologies, p.57-65, May 2001, Chantilly, Virginia, United States [doi>10.1145/373256.373264]
	2	Piero Bonatti , Pierangela Samarati, Regulating service access and information release on the Web, Proceedings of the 7th ACM conference on Computer and communications security, p.134-143, November 01-04, 2000, Athens, Greece [doi>10.1145/352600.352620]
	3	Dan Boneh , Matthew K. Franklin, Identity-Based Encryption from the Weil Pairing, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.213-229, August 19-23, 2001
	4	David W. Chadwick , Alexander Otenko, The PERMIS X.509 role based privilege management infrastructure, Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA [doi>10.1145/507711.507732]
	5	T. Dierks and C. Allen, The TLS protocol version 1.0, RFC 2246, January 1999.
	6	R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1," RFC 2616, June 1999.
	7	Amir Herzberg , Yosi Mass , Joris Michaeli , Yiftach Ravid , Dalit Naor, Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers, Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.2, May 14-17, 2000
	8	A. Hess, J. Jacobson, H. Mills, R. Wamsley, K. E. Seamons, and B. Smith, "Advanced Client/Server Authentication in TLS," Network and Distributed System Security Symposium, San Diego, California, February 2002.
	9	R. Housley, W. Polk, W. Ford, and D. Solo, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile," RFC 3280, April 2002.
	10	Liberty Alliance Project, http://www.projectliberty.org, December 2002.
	11	Yasushi Ogawa , Tetsuya Morita , Kiyohiko Kobayashi, A fuzzy document retrieval system using the keyword connection matrix and a learning method, Fuzzy Sets and Systems, v.39 n.2, p.163-179, Jan. 25, 1991 [doi>10.1016/0165-0114(91)90210-H]
	12	J. S. Park , R. Sandhu, Binding identities and attributes using digitally signed certificates, Proceedings of the 16th Annual Computer Security Applications Conference, p.120, December 11-15, 2000
	13	The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. W3C Candidate Recommendation. 16 April 2002, http://www.w3.org/TR/P3P/.
	14	J. Postel, "Simple Mail Transfer Protocol," RFC 821, August 1982.
	15	SSL and TLS: designing and building secure systems, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2001
	16	Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996 [doi>10.1109/2.485845]
	17	G. Salton , M. E. Lesk, Computer Evaluation of Indexing and Text Processing, Journal of the ACM (JACM), v.15 n.1, p.8-36, Jan. 1968 [doi>10.1145/321439.321441]
	18	K. E. Seamons, M. Winslett, and T. Yu, "Limiting the Disclosure of Access Control Policies During Automated Trust Negotiation," Network and Distributed System Security Symposium, San Diego, California, February 2001.
	19	K. Seamons , M. Winslett , T. Yu , B. Smith , E. Child , J. Jacobson , H. Mills , L. Yu, Requirements for Policy Languages for Trust Negotiation, Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), p.68, June 05-07, 2002
	20	K. E. Seamons, M. Winslett, T. Yu, L. Yu, and R. Jarvis. "Protecting Privacy during On-line Trust Negotiation," 2nd Workshop on Privacy Enhancing Technologies, San Francisco, California, April 2002.
	21	D. Shin, G. Ahn, and S. Cho, "Role-based EAM Using X.509 Attribute Certificate," 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, University of Cambridge, United Kingdom, July 2002.
	22	N. Li , W. Winsborough, Towards Practical Automated Trust Negotiation, Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), p.92, June 05-07, 2002
	23	W. Winsborough, K. E. Seamons, and V. E. Jones, "Automated Trust Negotiation," DARPA Information Survivability Conference and Exposition, Hilton Head, South Carolina, January 2000.
	24	Marianne Winslett , Ting Yu , Kent E. Seamons , Adam Hess , Jared Jacobson , Ryan Jarvis , Bryan Smith , Lina Yu, Negotiating Trust on the Web, IEEE Internet Computing, v.6 n.6, p.30-37, November 2002 [doi>10.1109/MIC.2002.1067734]
	25	Ting Yu , Marianne Winslett , Kent E. Seamons, Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation, ACM Transactions on Information and System Security (TISSEC), v.6 n.1, p.1-42, February 2003 [doi>10.1145/605434.605435]