Enforcing Usage Constraints on Credentials for Web Applications - ICT Systems Security and Privacy Protection
Conference Papers Year : 2015

Enforcing Usage Constraints on Credentials for Web Applications

Abstract

For using credential-based access control effectively, recent work identified the need to enforce usage constraints also on credentials. The enforcement of such constraints has not yet been investigated for web applications, although it is relevant when credential-based access control is employed in a web application. This article proposes an approach suitable for enforcing usage constraints on credentials in web applications. More concretely, we present a novel algorithm and an implementation of this algorithm that construct constraint-compliant proofs for credential-based access control policies. We proved that our solution is correct and showed that it is also efficient through extensive experiments.
Fichier principal
Vignette du fichier
337885_1_En_8_Chapter.pdf (463.91 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01345100 , version 1 (13-07-2016)

Licence

Identifiers

Cite

Jinwei Hu, Heiko Mantel, Sebastian Ruhleder. Enforcing Usage Constraints on Credentials for Web Applications. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.112-125, ⟨10.1007/978-3-319-18467-8_8⟩. ⟨hal-01345100⟩
89 View
79 Download

Altmetric

Share

More