{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:13:31Z","timestamp":1763468011312,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":43,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,10,8]],"date-time":"2010-10-08T00:00:00Z","timestamp":1286496000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,10,8]]},"DOI":"10.1145\/1866855.1866865","type":"proceedings-article","created":{"date-parts":[[2010,10,12]],"date-time":"2010-10-12T15:38:31Z","timestamp":1286897911000},"page":"35-44","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":26,"title":["User-managed access to web resources"],"prefix":"10.1145","author":[{"given":"Maciej P.","family":"Machulak","sequence":"first","affiliation":[{"name":"Newcastle University, Newcastle upon Tyne, United Kingdom"}]},{"given":"Eve L.","family":"Maler","sequence":"additional","affiliation":[{"name":"PayPal, Inc., San Jose, CA, USA"}]},{"given":"Domenico","family":"Catalano","sequence":"additional","affiliation":[{"name":"Oracle Corp., Rome, Italy"}]},{"given":"Aad","family":"van Moorsel","sequence":"additional","affiliation":[{"name":"Newcastle University, Newcastle upon Tyne, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2010,10,8]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"]]Internet Engineering Task Force (IETF). http:\/\/www.ietf.org. Accessed 29\/06\/2010.  ]]Internet Engineering Task Force (IETF). http:\/\/www.ietf.org. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_2_1","unstructured":"]]Kantara Initiative. http:\/\/kantarainitiative.org\/. Accessed 29\/06\/2010.  ]]Kantara Initiative. http:\/\/kantarainitiative.org\/. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_3_1","unstructured":"]]OpenSSO Project. http:\/\/opensso.dev.java.net\/. Accessed 29\/06\/2010.  ]]OpenSSO Project. http:\/\/opensso.dev.java.net\/. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_4_1","unstructured":"]]Project hData. http:\/\/www.projecthdata.org. Accessed 29\/06\/2010.  ]]Project hData. http:\/\/www.projecthdata.org. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_5_1","unstructured":"]]Project VRM - Vendor Relationship Management. http:\/\/cyber.law.harvard.edu\/research\/projectvrm. Accessed 29\/06\/2010.  ]]Project VRM - Vendor Relationship Management. http:\/\/cyber.law.harvard.edu\/research\/projectvrm. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_6_1","unstructured":"]]The ID-WSF Evolution Work Group. http:\/\/kantarainitiative.org\/confluence\/display\/idwsf. Accessed 29\/06\/2010.  ]]The ID-WSF Evolution Work Group. http:\/\/kantarainitiative.org\/confluence\/display\/idwsf. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_7_1","unstructured":"]]UMA 1.0 Core Protocol. http:\/\/kantarainitiative.org\/confluence\/display\/uma\/UMA+1.0+Core+Protocol. Accessed 29\/06\/2010.  ]]UMA 1.0 Core Protocol. http:\/\/kantarainitiative.org\/confluence\/display\/uma\/UMA+1.0+Core+Protocol. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_8_1","unstructured":"]]UMA Scenarios and Use Cases. http:\/\/kantarainitiative.org\/confluence\/display\/uma\/UMA+Scenarios+and+Use+Cases. Accessed 29\/06\/2010.  ]]UMA Scenarios and Use Cases. http:\/\/kantarainitiative.org\/confluence\/display\/uma\/UMA+Scenarios+and+Use+Cases. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_9_1","volume-title":"http:\/\/www.oasis-open.org.\/committees\/xacml\/","author":"Xtensible Access Control Markup ASIS","year":"2005","unstructured":"]]O ASIS e Xtensible Access Control Markup Language (XACML). http:\/\/www.oasis-open.org.\/committees\/xacml\/ , 2005 . Version 2.0. ]]OASIS eXtensible Access Control Markup Language (XACML). http:\/\/www.oasis-open.org.\/committees\/xacml\/, 2005. Version 2.0."},{"key":"e_1_3_2_1_10_1","unstructured":"]]OpenID Attribute Exchange Dec 2007. Version 1.0.  ]]OpenID Attribute Exchange Dec 2007. Version 1.0."},{"volume-title":"Nov","year":"2008","key":"e_1_3_2_1_11_1","unstructured":"]]Identity Metasystem Interoperability Version 1.0. http:\/\/www.oasis-open.org\/committees\/download.php\/29979\/identity-1.0-spec-cd-01.pdf , Nov 2008 . Committee Draft 01. ]]Identity Metasystem Interoperability Version 1.0. http:\/\/www.oasis-open.org\/committees\/download.php\/29979\/identity-1.0-spec-cd-01.pdf, Nov 2008. Committee Draft 01."},{"key":"e_1_3_2_1_12_1","unstructured":"]]host-meta: Web Host Metadata. http:\/\/tools.ietf.org\/html\/draft-hammer-hostmeta-13 Jun 2010. (Work in Progress).  ]]host-meta: Web Host Metadata. http:\/\/tools.ietf.org\/html\/draft-hammer-hostmeta-13 Jun 2010. (Work in Progress)."},{"key":"e_1_3_2_1_13_1","volume-title":"Jun","author":"Authentication Protocol 0","year":"2010","unstructured":"]]OAuth 2. 0 support for the Kerberos V5 Authentication Protocol . http:\/\/tools.ietf.org\/html\/draft-hardjono-oauth-kerberos-00 , Jun 2010 . (Work in Progress) . ]]OAuth 2.0 support for the Kerberos V5 Authentication Protocol. http:\/\/tools.ietf.org\/html\/draft-hardjono-oauth-kerberos-00, Jun 2010. (Work in Progress)."},{"key":"e_1_3_2_1_14_1","volume-title":"Jun","author":"Protocol 0","year":"2010","unstructured":"]]The OAuth 2. 0 Protocol . http:\/\/tools.ietf.org\/html\/draft-ietf-oauth-v2-09 , Jun 2010 . (Work in Progress) . ]]The OAuth 2.0 Protocol. http:\/\/tools.ietf.org\/html\/draft-ietf-oauth-v2-09, Jun 2010. (Work in Progress)."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSC.2010.29"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5555\/956415.956458"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5555\/647253.757044"},{"key":"e_1_3_2_1_18_1","volume-title":"OASIS Standard","author":"Cantor S.","year":"2005","unstructured":"]] S. Cantor Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 . OASIS Standard , Mar. 2005 . ]]S. Cantor et al. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, Mar. 2005."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12394-008-0005-z"},{"key":"e_1_3_2_1_20_1","volume-title":"What entrepreneurs and information architects need to know","author":"Duane Nickull D. H.","year":"2009","unstructured":"]] D. H. Duane Nickull . Web 2. 0 Architectures . What entrepreneurs and information architects need to know , volume 271 . O'Reilly , 1. edition edition, May 2009 . ]]D. H. Duane Nickull. Web 2.0 Architectures. What entrepreneurs and information architects need to know, volume 271. O'Reilly, 1. edition edition, May 2009."},{"key":"e_1_3_2_1_21_1","volume-title":"OASIS Standard","author":"A.","year":"2009","unstructured":"]] A. N. et al. WS-Trust 1.4 . OASIS Standard , Feb. 2009 . ]]A. N. et al. WS-Trust 1.4. OASIS Standard, Feb. 2009."},{"key":"e_1_3_2_1_22_1","unstructured":"]]Eve Maler. ProtectServe draft protocol flows. http:\/\/www.xmlgrrl.com\/blog\/2009\/04\/02\/protectserve-draft-protocol-flows Mar 2009. Accessed 29\/06\/2010.  ]]Eve Maler. ProtectServe draft protocol flows. http:\/\/www.xmlgrrl.com\/blog\/2009\/04\/02\/protectserve-draft-protocol-flows Mar 2009. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_23_1","unstructured":"]]Eve Maler. To protect and to serve. http:\/\/www.xmlgrrl.com\/blog\/2009\/03\/23\/to-protect-and-to-serve Mar 2009. Accessed 29\/06\/2010.  ]]Eve Maler. To protect and to serve. http:\/\/www.xmlgrrl.com\/blog\/2009\/03\/23\/to-protect-and-to-serve Mar 2009. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_24_1","volume-title":"June","author":"Farrell S.","year":"2002","unstructured":"]] S. Farrell and R. Housley . An Internet Attribute Certificate Profile for Authorization. RFC 3281 (Draft Standard) , June 2002 . ]]S. Farrell and R. Housley. An Internet Attribute Certificate Profile for Authorization. RFC 3281 (Draft Standard), June 2002."},{"key":"e_1_3_2_1_25_1","volume-title":"June","author":"Fielding R.","year":"1999","unstructured":"]] R. Fielding Hypertext Transfer Protocol - HTTP\/1.1. RFC 2616 (Draft Standard) , June 1999 . Updated by RFC 2817. ]]R. Fielding et al. Hypertext Transfer Protocol - HTTP\/1.1. RFC 2616 (Draft Standard), June 1999. Updated by RFC 2817."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1367497.1367599"},{"key":"e_1_3_2_1_28_1","volume-title":"The OAuth 1.0 Protocol. RFC 5849 (Draft Standard)","author":"Hammer-Lahav E.","year":"2010","unstructured":"]] E. Hammer-Lahav . The OAuth 1.0 Protocol. RFC 5849 (Draft Standard) , 2010 . ]]E. Hammer-Lahav. The OAuth 1.0 Protocol. RFC 5849 (Draft Standard), 2010."},{"key":"e_1_3_2_1_29_1","first-page":"43","volume-title":"WOSP '08: Proc. of the first workshop on Online social networks","author":"Hart M.","year":"2008","unstructured":"]] M. Hart , R. Johnson , and A. Stent . More content - less control: Access control in the web 2.0 . In WOSP '08: Proc. of the first workshop on Online social networks , pages 43 -- 48 , New York, NY, USA , 2008 . ]]M. Hart, R. Johnson, and A. Stent. More content - less control: Access control in the web 2.0. In WOSP '08: Proc. of the first workshop on Online social networks, pages 43--48, New York, NY, USA, 2008."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655008.1655011"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCSW.2010.37"},{"key":"e_1_3_2_1_33_1","unstructured":"]]E. L. Maler and P. C. Bryan. Claims 2.0. http:\/\/kantarainitiative.org\/confluence\/display\/uma\/Claims+2.0. Accessed 29\/06\/2010.  ]]E. L. Maler and P. C. Bryan. Claims 2.0. http:\/\/kantarainitiative.org\/confluence\/display\/uma\/Claims+2.0. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_34_1","volume-title":"The Kerberos Network Authentication Service (V5). RFC 4120 (Draft Standard)","author":"Neuman C.","year":"2005","unstructured":"]] C. Neuman , S. Hartman , and K. Raeburn . The Kerberos Network Authentication Service (V5). RFC 4120 (Draft Standard) , 2005 . ]]C. Neuman, S. Hartman, and K. Raeburn. The Kerberos Network Authentication Service (V5). RFC 4120 (Draft Standard), 2005."},{"key":"e_1_3_2_1_35_1","unstructured":"]]T. O'Reilly. What Is Web 2.0. Design Patterns and Business Models for the Next Generation of Software. http:\/\/oreilly.com\/web2\/archive\/what-is-web-20.html Sep 2005. Accessed 29\/06\/2010.  ]]T. O'Reilly. What Is Web 2.0. Design Patterns and Business Models for the Next Generation of Software. http:\/\/oreilly.com\/web2\/archive\/what-is-web-20.html Sep 2005. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_36_1","unstructured":"]]T. O'Reilly and J. Battelle. Web Squared: Web 2.0 Five Years On. http:\/\/oreilly.com\/web2\/archive\/what-is-web-20.html Oct 2009. Accessed 29\/06\/2010.  ]]T. O'Reilly and J. Battelle. Web Squared: Web 2.0 Five Years On. http:\/\/oreilly.com\/web2\/archive\/what-is-web-20.html Oct 2009. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_37_1","unstructured":"]]R. Paul. OAuth and OAuth WRAP: defeating the password anti-pattern. http:\/\/arstechnica.com\/open-source\/guides\/2010\/01\/oauth-and-oauth-wrap-defeating-the-password-anti-pattern.ars Jan 2010. Accessed 29\/06\/2010.  ]]R. Paul. OAuth and OAuth WRAP: defeating the password anti-pattern. http:\/\/arstechnica.com\/open-source\/guides\/2010\/01\/oauth-and-oauth-wrap-defeating-the-password-anti-pattern.ars Jan 2010. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1461469.1461470"},{"key":"e_1_3_2_1_39_1","volume-title":"USA","author":"Smetters D. K.","year":"2008","unstructured":"]] D. K. Smetters . Building Secure Mashups. In W2SP '08: Proc. of the Workshop on Web 2.0 Security and Privacy, Oakland, CA , USA , May 2008 . ]]D. K. Smetters. Building Secure Mashups. In W2SP '08: Proc. of the Workshop on Web 2.0 Security and Privacy, Oakland, CA, USA, May 2008."},{"key":"e_1_3_2_1_40_1","unstructured":"]]Student-Managed Access to Online Resources (SMART). http:\/\/research.ncl.ac.uk\/smart. Accessed 29\/06\/2010.  ]]Student-Managed Access to Online Resources (SMART). http:\/\/research.ncl.ac.uk\/smart. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.45"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/1397735.1397746"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"crossref","unstructured":"]]UMA Requirements. http:\/\/kantarainitiative.org\/confluence\/display\/uma\/UMA+Requirements. Accessed 29\/06\/2010.  ]]UMA Requirements. http:\/\/kantarainitiative.org\/confluence\/display\/uma\/UMA+Requirements. Accessed 29\/06\/2010.","DOI":"10.1002\/chin.199829018"},{"key":"e_1_3_2_1_44_1","unstructured":"]]User-Managed Access Work Group. http:\/\/kantarainitiative.org\/confluence\/display\/uma. Accessed 29\/06\/2010.  ]]User-Managed Access Work Group. http:\/\/kantarainitiative.org\/confluence\/display\/uma. Accessed 29\/06\/2010."},{"key":"e_1_3_2_1_45_1","volume-title":"Jan.","author":"Yavatkar R.","year":"2000","unstructured":"]] R. Yavatkar , D. Pendarakis , and R. Guerin . A framework for policy-based admission control. RFC 2753 (Draft Standard) , Jan. 2000 . ]]R. Yavatkar, D. Pendarakis, and R. Guerin. A framework for policy-based admission control. RFC 2753 (Draft Standard), Jan. 2000."}],"event":{"name":"CCS '10: 17th ACM Conference on Computer and Communications Security 2010","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Chicago Illinois USA","acronym":"CCS '10"},"container-title":["Proceedings of the 6th ACM workshop on Digital identity management"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1866855.1866865","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1866855.1866865","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T10:52:59Z","timestamp":1750243979000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1866855.1866865"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,10,8]]},"references-count":43,"alternative-id":["10.1145\/1866855.1866865","10.1145\/1866855"],"URL":"https:\/\/doi.org\/10.1145\/1866855.1866865","relation":{},"subject":[],"published":{"date-parts":[[2010,10,8]]},"assertion":[{"value":"2010-10-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}