Towards web 2 0 content sharing beyond walled gardens
This presentation is the property of its rightful owner.
Sponsored Links
1 / 16

Towards Web 2.0 Content Sharing Beyond Walled Gardens PowerPoint PPT Presentation


  • 53 Views
  • Uploaded on
  • Presentation posted in: General

University of British Columbia. Towards Web 2.0 Content Sharing Beyond Walled Gardens. San-Tsai Sun Supervisor: Kosta Beznosov. Laboratory for Education and Research in Secure Systems Engineering ( LERSSE ) University of British Columbia. practical problem.

Download Presentation

Towards Web 2.0 Content Sharing Beyond Walled Gardens

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Towards web 2 0 content sharing beyond walled gardens

University of British Columbia

Towards Web 2.0 Content Sharing Beyond Walled Gardens

San-Tsai Sun

Supervisor: KostaBeznosov

Laboratory for Education and Research in Secure Systems Engineering (LERSSE)

University of British Columbia


Practical problem

practical problem

lack of usable mechanisms for secure Web 2.0 user content sharing across content and service providers (CSPs)


Content sharing scenario

content sharing scenario

CCA scouts only

Colonial Coast Adventures (CCA)

Girl Scouts

Alice

Jenny

Picasa Web

Alice’s CCA scout friends in Picasa Web


Question

question

  • how to enable useful sharing of Web 2.0 content across CSPs?

  • can existing technologies enable this type of sharing?


Secret link approach

secret-link approach

http://picasaweb.google.com/Alice?authkey=Gv1sRgCOzuv

  • usable for Web users

  • easy to implement by CSPs

  • Alice does not have control over Jenny’s sharing of secret link with others

  • Alice has to know Jenny’s email

secret-link

Alice

Jenny

[email protected]

Picasa Web


Design goals

design goals

  • content sharing useful for average users

  • user-centric, i.e., access policy and identity follow the user

  • only use browser, no special software or crypto on the user computer

  • CSPs

    • separation of content hosting and content sharing

    • not required to change their existing access-control mechanism


Approach

approach

  • OpenIDemailextension [1] to enable OpenID IdPs to use email as an alternative identifier

    • www.alo.com/santsai vs. [email protected]

  • policy hosting service

    • role-based trust-management policy language (RT) for credentials and policies [2]

    • distributed membership and containment queries

[1] B. Adida, “EmID: Web authentication by email address,” in The Proceedings of Web 2.0 Security and Privacy Workshop 2008, Oakland, California, USA, 2008.

[2] N. Li, J. C. Mitchell, and W. H. Winsborough, “Design of a role-based trust-management framework,” in SP ’02 Proceedings of the 2002 IEEE Symposium on Security and Privacy, 2002


Sharing scenario

sharing scenario

CCA.scout  [email protected]

CCA.scout  [email protected]

CCA.scout [email protected]

CCA

secret-link

memberships

secret-link, [email protected]

Alice

policy service Gmail

policy service Yahoo

[email protected]  CCA.@yahoo.scout

[email protected]

Picasa Web

[email protected]


Access scenario

access scenario

CCA.scout  [email protected]

CCA.scout  [email protected]

CCA.scout [email protected]

[email protected]

CCA

containment

secret-link

[email protected], [email protected]

Jenny

policy service Gmail

policy service Yahoo

OpenIDemail

AOL

yes/no

[email protected]  CCA.@yahoo.scout

Picasa Web

[email protected]


Content sharing scenario 2

content sharing scenario 2

CCA scouts and their parents only

Colonial Coast Adventures (CCA)

Girl Scouts

Mary

Alice

Jenny

Picasa Web

Alice’s scout friends in Picasa Web


Sharing scenario 2

sharing scenario 2

CCA.scout  [email protected]

CCA.scout  [email protected]

CCA.scout [email protected]

CCA

[email protected][email protected]

[email protected]_parent

Alice

Jenny

policy service Gmail

policy service Yahoo

policy service

AOL

[email protected]  CCA.@yahoo.scout

[email protected]_parent  [email protected]

[email protected]

[email protected]_parent

Picasa


Access scenario 2

access scenario 2

secret-link

CCA.scout  [email protected]

CCA.scout  [email protected]

CCA.scout [email protected]

CCA

[email protected][email protected]

memberships

containment

secret-link

[email protected]_parent ,[email protected]

Mary

Jenny

policy service Gmail

policy service Yahoo

policy service

AOL

yes/no

[email protected]  CCA.@yahoo.scout

[email protected]_parent  [email protected]

[email protected]

[email protected]_parent

Picasa


Progress up to date

progress up-to-date

  • protocols/algorithms for distributed memberships and containment queries

  • preliminary prototype

  • initial performance evaluation


Open questions

open questions

  • what is the expressiveness of sharing control that users need?

  • how to design useable interface for controlled sharing?

  • how to limit transitive trust?

    • A trusts B  B trusts C  A trusts C

  • how to preserve the confidentiality of credentials and policies?

    • CCA does not want everybody to know email addresses of its scouts


Future work

future work

  • investigate user needs in controlled sharing

  • design user interface

  • evaluate usability

  • investigate an approach for limiting transitive trust

  • preserve the confidentiality of credentials and policies

  • investigate phishing/spam prevention

  • improve performance


Towards web 2 0 content sharing beyond walled gardens

San-Tsai Sun <[email protected]>

  • San-Tsai Sun and Konstantin Beznosov. Open problems in Web 2.0 user content sharing. Presented at iNetSec Workshop, April 23th 2009.

  • San-Tsai Sun, KirstieHawkey, and Konstantin Beznosov. Towards enabling web 2.0 content sharing beyond walled gardens. To be presented at the Workshop on Security and Privacy in Online Social Networking, August 29th 2009


  • Login