Abstract
In the web environment, web browsers use HTTP/HTTPS to communicate between users and web/application servers. However, many internet activities require interactions among three parties without compromising confidentiality. For example, an e-commerce transaction requires a buyer to authorize an e-commerce website to withdraw money from the buyer’s bank account at an internet banking website. Although several existing works have been proposed to solve this problem, they are ad hoc or lack some important properties. This paper proposes a model, called PRA (Provider-Requestor-Authorizer), that generalizes three-party communication in the web environment in order to identify desirable properties that can be used to measure the goodness of protocols and to classify them. We found that the PRA model can generalize three-party communication protocols to a single model, from the conceptual level to the implementation level.
Copyright information
© 2013 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Buranasaksee, U., Porkaew, K., Supasitthimethee, U. (2013). A Generalized Model for Internet-Based Access Control Systems with Delegation Support. In: Singh, K., Awasthi, A.K. (eds) Quality, Reliability, Security and Robustness in Heterogeneous Networks. QShine 2013. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 115. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37949-9_84
DOI: https://doi.org/10.1007/978-3-642-37949-9_84
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-37948-2
Online ISBN: 978-3-642-37949-9
eBook Packages: Computer Science (R0)