Service Independent Access Control Architecture for User Generated Content (UGC) and Its Implementation
Summary :
Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.
- Publication
- IEICE TRANSACTIONS on Information Vol.E92-D No.10 pp.1961-1970
- Publication Date
- 2009/10/01
- Publicized
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.E92.D.1961
- Type of Manuscript
- Special Section PAPER (Special Section on New Technologies and their Applications of the Internet)
- Category
- DRM and Security
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Akira YAMADA, Ayumu KUBOTA, Yutaka MIYAKE, Kazuo HASHIMOTO, "Service Independent Access Control Architecture for User Generated Content (UGC) and Its Implementation" in IEICE TRANSACTIONS on Information,
vol. E92-D, no. 10, pp. 1961-1970, October 2009, doi: 10.1587/transinf.E92.D.1961.
Abstract: Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E92.D.1961/_p
Copy
@ARTICLE{e92-d_10_1961,
author={Akira YAMADA, Ayumu KUBOTA, Yutaka MIYAKE, Kazuo HASHIMOTO, },
journal={IEICE TRANSACTIONS on Information},
title={Service Independent Access Control Architecture for User Generated Content (UGC) and Its Implementation},
year={2009},
volume={E92-D},
number={10},
pages={1961-1970},
abstract={Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.},
keywords={},
doi={10.1587/transinf.E92.D.1961},
ISSN={1745-1361},
month={October},}
Copy
TY - JOUR
TI - Service Independent Access Control Architecture for User Generated Content (UGC) and Its Implementation
T2 - IEICE TRANSACTIONS on Information
SP - 1961
EP - 1970
AU - Akira YAMADA
AU - Ayumu KUBOTA
AU - Yutaka MIYAKE
AU - Kazuo HASHIMOTO
PY - 2009
DO - 10.1587/transinf.E92.D.1961
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E92-D
IS - 10
JA - IEICE TRANSACTIONS on Information
Y1 - October 2009
AB - Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.
ER -
English
