This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Welcome to the full schedule of the OWASP AppSec Research EU 2013 conference days. You’ll find the schedule for the training days at http://trainings2013.appsec.eu
View analytic
Friday, August 23 • 4:45pm - 5:30pm
Closing Note: "Access Control of the Web - The Web of Access Control"

Sign up or log in to save this to your schedule and see who's attending!

Many (most?) of the familiar security problems of the Web can be understood
as instances of broken access control once one adopts a generalized view of
access control that leaves behind the user centric approaches of the 1970s
and 1980s. We will propose a framework for discussing access control in the
Web with a particular focus on the web of entities owning sensitive
resources, defining policies, and enforcing policies, and on the questions
of trust arising in this context. I.e., why should an entity receiving a
policy trust that this policy is in its own interest and/or in the interest
of the owner of the resource the policy refers to.


Dieter Gollmann

Prof Dieter Gollmann received his Dipl.-Ing. in Engineering Mathematics (1979) and Dr.tech. (1984) from the University of Linz, Austria in the Department for System Science. He earned the Dr. habil. at the University of Karlsruhe, Germany, where he was awarded the 'venia legendi' for Computer Science in 1991. He was a Lecturer in Computer Science at Royal Holloway, University of London, and rejoined Royal Holloway later in 1990, where he was... Read More →

Friday August 23, 2013 4:45pm - 5:30pm
Aussichtsreich Emporio