Architecture and Protocol for User-Controlled Access Management in Web 2.0 Applications

The rapidly developing Web environment provides users with a wide set of rich services as varied and complex as desktop applications. Those services are collectively referred to as ``Web 2.0´´, with examples such as Google Docs, Flickr, or Wordpress, that allow users to create, manage and share their content online. By switching from desktop applications to their cloud-based Web equivalents users release even more data online. It is the user who creates this data, who disseminates it and who shares it with other users and services. Storing and sharing resources on the Web poses new security challenges. Access control, in particular, is currently poorly addressed in such an environment and is not well suited to the increasing number of resources that are available online. We propose a new approach to access control for the Web. Our approach puts a user in full control of assigning access rights to their resources which may be spread across multiple cloud-based Web applications. Unlike existing authorization systems, it relies on a user´s centrally located security requirements for these resources.