A Policy-based Access Control Mechanism for the Corporate Web

14 years 3 months ago

Download www.acsac.org

Current Web technologies use access control lists (ACLs) for enforcing regulations and practices governing businesses today. Having the policy hard-coded into ACLs causes management and security problems which have prevented so far Intranets to achieve their full potential. This paper is about a concrete design of a mechanism that supports policies for regulating access to information via corporate Intranet. This mechanism makes a strict separation between the formal statement of a policy, and its enforcement, the latter being carried out by generic policy engines. The proposed mechanism is easy to deploy, requiring no modiﬁcations of current web servers. We provide some preliminary performance results that show that the mechanism is quite affordable, even in its present, experimental stage.

Victoria Ungureanu, F. Vesuna, Naftaly H. Minsky

Real-time Traffic

ACLs Causes Management | ACSAC 2000 | Current Web | Practices Governing Businesses | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	30 Jul 2010
Updated	30 Jul 2010
Type	Conference
Year	2000
Where	ACSAC
Authors	Victoria Ungureanu, F. Vesuna, Naftaly H. Minsky

Comments (0)

Sciweavers

A Policy-based Access Control Mechanism for the Corporate Web

ACLs Causes Management | ACSAC 2000 | Current Web | Practices Governing Businesses | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers