Design and Implementation of User-Managed Access Framework for Web 2.0 Applications (2010)

Author(s): Machulak M, Moren L, van Moorsel A

    Abstract: Web 2.0 applications allow individuals to manage their content online and to share it with other users and services on the Web. Such sharing requires access control to be put in place. Existing access control solutions, however, are unsatisfactory as they do not offer the functionality that users need in the open and user-driven Web environment. Additionally, such solutions are often custom-built and require substantial development effort, or use existing frameworks that provide benefits to developers only. New proposals such as User-Managed Access (UMA) show a promising solution to authorization for Web 2.0 applications. UMA puts the end user in charge of assigning access rights to Web resources. It allows users to share data more selectively using centralized authorization systems which make access decisions based on user instructions. In this paper, we present the UMA/j framework which implements the UMA protocol and allows users of Web applications to use their preferred authorization mechanisms. It also supports developers in building access control for their Web 2.0 applications by providing ready-to-use components that can be integrated with minimum effort.

      • Date: October 2010
      • Series Title: School of Computing Science Technical Report Series
      • Pages: 10
      • Institution: Newcastle upon Tyne
      • Publication type: Report
      • Bibliographic status: Published

        Keywords: ACCESS CONTROL SECURITY, WEB APPLICATIONS, MIDDLEWARE

        Staff

        Professor Aad van Moorsel
        Head of School, Professor