Title :
Access policy specification for Web applications
Author_Institution :
King´´s Coll., London, UK
Abstract :
We show how access to Web resources may be controlled by using an access control program that implements a reactive agent. The agent reasons about the events, actions and a history (of events and actions) that relate to a user in order to make decisions about permitting the user to access information that is held on remote servers. The access control program is based on an abstract access control model that is formally specified as a clause form theory. Access policies may be efficiently implemented in a variety of practical languages.
Keywords :
Internet; authorisation; formal specification; specification languages; Internet; Web resources; access control program; access policy specification; clause form theory; decision making; formal specification; practical languages; reactive agent implementation; Access control; Authentication; Computer networks; Educational institutions; History; Information security; Large-scale systems; Network servers; Pressing; Protection;
Conference_Titel :
Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on
Print_ISBN :
0-7695-2108-8
DOI :
10.1109/ITCC.2004.1286588
