Scheduled System Maintenance:
On May 6th, single article purchases and IEEE account management will be unavailable from 8:00 AM - 5:00 PM ET (12:00 - 21:00 UTC). We apologize for the inconvenience.
By Topic

Usable access control for the World Wide Web

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Balfanz, Dirk ; Palo Alto Res. Center, CA, USA

While publishing content on the World Wide Web has moved within reach of the nontechnical mainstream, controlling access to published content still requires expertise in Web server configuration, public-key certification, and a variety of access control mechanisms. Lack of such expertise results in unnecessary exposure of content published by nonexperts, or force cautious nonexperts to leave their content off-line. Recent research has focused on making access control systems more flexible and powerful, but not on making them easier to use. We propose a usable access control systems for the World Wide Web, i.e., a system that is easy to use both for content providers (who want to protect their content from unauthorized access) and (authorized) content consumers (who want hassle-free access to such protected content). Our system is constructed with judicious use of conventional building blocks, such as access control lists and public-key certificates. We point out peculiarities in existing software that make it unnecessarily hard to achieve our goal of usable access control, and assess the security provided by our usable system.

Published in:

Computer Security Applications Conference, 2003. Proceedings. 19th Annual

Date of Conference:

8-12 Dec. 2003