As the amount of active web pages increased, the need to restrict access only to specific users or for specific usage surely arises. The protection of information contained in active web pages, however, is difficult because the content of pages changes dynamically based on the access context. In this paper we propose a fine-grained authorization model for ASP pages expecting that we can find some useful thought in addressing the problem of access control of general active web pages. The method proposed supports authorization at different levels, takes into consideration access context, and provides fine- grained protection for information contained in ASP pages.
展开▼