Skip to main content

Research Repository

Advanced Search

Cross-platform access control for mobile web applications.

Lyle, John; Monteleone, Salvatore; Faily, Shamal; Patti, Davide; Ricciato, Fabio

Authors

John Lyle

Salvatore Monteleone

Shamal Faily

Davide Patti

Fabio Ricciato



Abstract

Web browsers are a common platform for delivering cross-platform applications. However, they currently fail to provide consistent access control for security and privacy sensitive JavaScript APIs, such as geolocation and local storage. This problem is exacerbated by new HTML5 APIs and the increasing number of personal devices people own and use. In this paper we present the webinos platform which aims to provide a single, cross-device policy system for web applications on a wide range of web-enabled devices including TVs, smartphones, in-car systems and PCs. webinos solves the existing deficiencies in web authorisation by introducing the concept of a personal zone, the set of all devices and services owned by a particular user. All devices in this zone can synchronize their access control policies through interoperable middleware and can create flexible rules which may refer to an individual user, device or the entire zone. We provide details of the architecture and explain how our experience during design highlighted several conceptual challenges.

Citation

LYLE, J., MONTELEONE, S., FAILY, S., PATTI, D. and RICCIATO, F. 2012. Cross-platform access control for mobile web applications. In Proceedings of the 2012 IEEE international symposium on policies for distributed systems and networks (POLICY 2012), 16-18 July 2012, Chapel Hill, USA. Los Alamitos: IEEE Computer Society [online], pages 37-44. Available from: https://doi.org/10.1109/POLICY.2012.9

Conference Name 2012 IEEE international symposium on policies for distributed systems and networks (POLICY 2012)
Conference Location Chapel Hill, USA
Start Date Jul 16, 2012
End Date Jul 18, 2012
Acceptance Date Jul 16, 2012
Online Publication Date Aug 16, 2012
Publication Date Dec 31, 2012
Deposit Date Dec 3, 2021
Publicly Available Date Mar 28, 2024
Publisher IEEE Computer Society
Pages 37-44
ISBN 9781467319935
DOI https://doi.org/10.1109/policy.2012.9
Keywords Access and authorisation; Web-based software; Web-based mobile applications; Mobile applications; HTML5; Systems security
Public URL https://rgu-repository.worktribe.com/output/1446703

Files

LYLE 2012 Cross-platform access control (809 Kb)
PDF

Copyright Statement
© IEEE




You might also like



Downloadable Citations