@inproceedings{1bde1a412d454fc5996c7a70223b644a,
title = "Access control on the Web using proof-carrying authorization",
abstract = "We describe a system for access control on the Web that is based on the ideas of proof-carrying authorization (PCA). Our system is implemented as modules that extend a standard Web server and Web browser to use PCA to control access to Web pages. The Web browser generates proofs mechanically by iteratively fetching proof components until a proof can be constructed. We provide for iterative authorization, by which a server can require a browser to prove a series of challenges. Our implementation includes a series of optimizations, such as speculative proving, and modularizing and caching proofs, and demonstrates that the goals of generality, flexibility, and interoperability are compatible with reasonable performance.",
keywords = "Access control, Authorization",
author = "L. Bauer and Schneider, {M. A.} and Felten, {E. W.} and Appel, {A. W.}",
note = "Publisher Copyright: {\textcopyright} 2003 IEEE.; DARPA Information Survivability Conference and Exposition, DISCEX 2003 ; Conference date: 22-04-2003 Through 24-04-2003",
year = "2003",
doi = "10.1109/DISCEX.2003.1194942",
language = "English (US)",
series = "Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2003",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "117--119",
booktitle = "Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2003",
address = "United States",
}