TY - GEN
T1 - A general and flexible access-control system for the web
AU - Bauer, Lujo
AU - Schneider, Michael A.
AU - Felten, Edward W.
N1 - Publisher Copyright: © 2002 by The USENIX Association All Rights Reserved.
PY - 2002
Y1 - 2002
N2 - We describe the design, implementation, and performance of a new system for access control on the web. To achieve greater flexibility in forming access-control policies – in particular, to allow better interoperability across administrative boundaries – we base our system on the ideas of proof-carrying authorization (PCA). We extend PCA with the notion of goals and sessions, and add a module system to the proof language. Our access-control system makes it possible to locate and use pieces of the security policy that have been distributed across arbitrary hosts. We provide a mechanism which allows pieces of the security policy to be hidden from unauthorized clients. Our system is implemented as modules that extend a standard web server and web browser to use proof-carrying authorization to control access to web pages. The web browser generates proofs mechanically by iteratively fetching proof components until a proof can be constructed. We provide for iterative authorization, by which a server can require a browser to prove a series of challenges. Our implementation includes a series of optimizations, such as speculative proving, and modularizing and caching proofs, and demonstrates that the goals of generality, flexibility, and interoperability are compatible with reasonable performance.
UR - http://www.scopus.com/inward/record.url?scp=85084162149&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85084162149&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85084162149
T3 - Proceedings of the 11th USENIX Security Symposium
BT - Proceedings of the 11th USENIX Security Symposium
PB - USENIX Association
T2 - 11th USENIX Security Symposium
Y2 - 5 August 2002 through 9 August 2002
ER -