Trusted services broker for web page fine-grained security labeling
作者: Gary L. Luckenbaugh , Forrest E. Stoakes
DOI:
关键词: World Wide Web 、 Hypertext 、 Credential 、 Computer science 、 Session (computer science) 、 Mandatory access control 、 User interface 、 Password 、 Security policy 、 Web page
摘要: Arbitrarily fine-grained limitation of access to information stored in a resource data processor network is provided manner compatible with existing browsers by mapping user identity and credentials randomly assigned security cookie which thus serves as surrogate credential accompanying each request during session. Labels are imbedded within HTML files/text may embody any desired policy, including mandatory control (MAC) arrangements not available through native browser functions. Data retrieved response includes from location the directly accessible use URL; being configuration file hidden users. The then filtered accordance labels for page and/or embedded text used build include hypertext links or other interfaces transmission user. Provision made viewing changing labels, passwords.
lens.org 参考文章(19)
Kenneth B. Lyons, Script-based data communication system and method utilizing state memory ,(1994)
David A. Chodorow, Jonathan T. Trostle, John C. Chipchak, Marjan Krajewski, Peter T. Baldwin, Electronic information network user authentication and authorization system ,(1993)
Jieh-Shan Wang, James F. Chen, Application level security system and method ,(1996)
Sterling Hutto, Kevin Kunzelman, Common session token system and protocol ,(1997)
Bruce E. McNair, System and method for granting access to a resource ,(1992)
Steven M. Willens, Network access control system and process ,(1996)
Taher Elgamal, Kipp E. B. Hickman, Secure socket layer application program apparatus and method ,(1995)
Thomas W. Jury, Tab McCollum, Assigning security levels to particular documents on a document by document basis in a database ,(1996)