WDAI: a simple World Wide Web distributed authorization infrastructure l

摘要

The World Wide Web (W3) has the potential to link different kinds of documents into hypertext collections and to distribute such collections among many document servers. Distributed collections can bring forth new W3 applications in extranets and expand the concept of content reuse. However, they also bring new authorization problems, such as the need for coordinated user administration, user authentication, and revocation of rights. This paper proposes WDAI, a simple and general infrastructure for distributed authorization on the World Wide Web. Under WDAI, browsers and servers exchange authorization information using X.509v3-based authorization certificates. WDAI is designed to be open to a wide variety of security policies and, being compatible with existing W3 technology, can be implemented without modifying existing browsers.