Access control on the Web using proof-carrying authorization

L. Bauer, M. A. Schneider, E. W. Felten, A. W. Appel

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

10 Scopus citations

Abstract

We describe a system for access control on the Web that is based on the ideas of proof-carrying authorization (PCA). Our system is implemented as modules that extend a standard Web server and Web browser to use PCA to control access to Web pages. The Web browser generates proofs mechanically by iteratively fetching proof components until a proof can be constructed. We provide for iterative authorization, by which a server can require a browser to prove a series of challenges. Our implementation includes a series of optimizations, such as speculative proving, and modularizing and caching proofs, and demonstrates that the goals of generality, flexibility, and interoperability are compatible with reasonable performance.

Original language: English (US)
Title of host publication: Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2003
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 117-119
Number of pages: 3
ISBN (Electronic): 0769518974, 9780769518978
State: Published - 2003
Event: DARPA Information Survivability Conference and Exposition, DISCEX 2003 - Washington, United States
Duration: Apr 22 2003 to Apr 24 2003

Publication series

Name: Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2003
Volume: 2

Other

Other: DARPA Information Survivability Conference and Exposition, DISCEX 2003
Country/Territory: United States
City: Washington
Period: 4/22/03 to 4/24/03

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems
  • Control and Systems Engineering
  • Safety, Risk, Reliability and Quality

Keywords

  • Access control
  • Authorization
