John Lyle
Cross-platform access control for mobile web applications.
Lyle, John; Monteleone, Salvatore; Faily, Shamal; Patti, Davide; Ricciato, Fabio
Authors
Salvatore Monteleone
Shamal Faily
Davide Patti
Fabio Ricciato
Abstract
Web browsers are a common platform for delivering cross-platform applications. However, they currently fail to provide consistent access control for security and privacy sensitive JavaScript APIs, such as geolocation and local storage. This problem is exacerbated by new HTML5 APIs and the increasing number of personal devices people own and use. In this paper we present the webinos platform which aims to provide a single, cross-device policy system for web applications on a wide range of web-enabled devices including TVs, smartphones, in-car systems and PCs. webinos solves the existing deficiencies in web authorisation by introducing the concept of a personal zone, the set of all devices and services owned by a particular user. All devices in this zone can synchronize their access control policies through interoperable middleware and can create flexible rules which may refer to an individual user, device or the entire zone. We provide details of the architecture and explain how our experience during design highlighted several conceptual challenges.
Citation
LYLE, J., MONTELEONE, S., FAILY, S., PATTI, D. and RICCIATO, F. 2012. Cross-platform access control for mobile web applications. In Proceedings of the 2012 IEEE international symposium on policies for distributed systems and networks (POLICY 2012), 16-18 July 2012, Chapel Hill, USA. Los Alamitos: IEEE Computer Society [online], pages 37-44. Available from: https://doi.org/10.1109/POLICY.2012.9
Conference Name | 2012 IEEE international symposium on policies for distributed systems and networks (POLICY 2012) |
---|---|
Conference Location | Chapel Hill, USA |
Start Date | Jul 16, 2012 |
End Date | Jul 18, 2012 |
Acceptance Date | Jul 16, 2012 |
Online Publication Date | Aug 16, 2012 |
Publication Date | Dec 31, 2012 |
Deposit Date | Dec 3, 2021 |
Publicly Available Date | Mar 28, 2024 |
Publisher | IEEE Computer Society |
Pages | 37-44 |
ISBN | 9781467319935 |
DOI | https://doi.org/10.1109/policy.2012.9 |
Keywords | Access and authorisation; Web-based software; Web-based mobile applications; Mobile applications; HTML5; Systems security |
Public URL | https://rgu-repository.worktribe.com/output/1446703 |
Files
LYLE 2012 Cross-platform access control
(809 Kb)
PDF
Copyright Statement
© IEEE
You might also like
Programming language evaluation criteria for safety-critical software in the air domain.
(2022)
Conference Proceeding
Privacy goals for the data lifecycle.
(2022)
Journal Article
Automation and cyber security risks on the railways: the human factors implications.
(2022)
Presentation / Conference
Integrated design framework for facilitating systems-theoretic process analysis.
(2022)
Conference Proceeding
Cybersecurity user requirements analysis: the ECHO approach.
(2022)
Conference Proceeding
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search