Service independent access control architecture for user generated content (UGC) and its implementation

Akira Yamada, Ayumu Kubota, Yutaka Miyake, Kazuo Hashimoto

Research output: Contribution to journalArticle

Abstract

Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.

Original languageEnglish
Pages (from-to)1961-1970
Number of pages10
JournalIEICE Transactions on Information and Systems
VolumeE92-D
Issue number10
DOIs
Publication statusPublished - 2009
Externally publishedYes

Fingerprint

Access control
Blogs
Web browsers
Communication

Keywords

  • Blog and cryptographic access control
  • User Generated Content (UGC)
  • Web

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Software
  • Artificial Intelligence
  • Hardware and Architecture
  • Computer Vision and Pattern Recognition

Cite this

Service independent access control architecture for user generated content (UGC) and its implementation. / Yamada, Akira; Kubota, Ayumu; Miyake, Yutaka; Hashimoto, Kazuo.

In: IEICE Transactions on Information and Systems, Vol. E92-D, No. 10, 2009, p. 1961-1970.

Research output: Contribution to journalArticle

@article{c7ede8abfca54e48b4b80a13bbb28d74,
title = "Service independent access control architecture for user generated content (UGC) and its implementation",
abstract = "Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.",
keywords = "Blog and cryptographic access control, User Generated Content (UGC), Web",
author = "Akira Yamada and Ayumu Kubota and Yutaka Miyake and Kazuo Hashimoto",
year = "2009",
doi = "10.1587/transinf.E92.D.1961",
language = "English",
volume = "E92-D",
pages = "1961--1970",
journal = "IEICE Transactions on Information and Systems",
issn = "0916-8532",
publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",
number = "10",

}

TY - JOUR

T1 - Service independent access control architecture for user generated content (UGC) and its implementation

AU - Yamada, Akira

AU - Kubota, Ayumu

AU - Miyake, Yutaka

AU - Hashimoto, Kazuo

PY - 2009

Y1 - 2009

N2 - Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.

AB - Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to control users who do not have an account at the site, not to mention that it cannot control accesses to content hosted by other UGC sites. In this paper, we propose new access control architecture for UGC, in which third party entities can offer access control mechanism to users independently of UGC hosting sites. With this architecture, a user can control accesses to his content that might be spread over many different UGC sites, regardless of whether those sites have access control mechanism or not. The key idea to separate access control mechanism from UGC sites is to apply cryptographic access control and we implemented the idea in such a way that it requires no modification to UGC sites and Web browsers. Our prototype implementation shows that the proposed access control architecture can be easily deployed in the current Web-based communication environment and it works quite well with popular Blog sites.

KW - Blog and cryptographic access control

KW - User Generated Content (UGC)

KW - Web

UR - http://www.scopus.com/inward/record.url?scp=77950204606&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77950204606&partnerID=8YFLogxK

U2 - 10.1587/transinf.E92.D.1961

DO - 10.1587/transinf.E92.D.1961

M3 - Article

VL - E92-D

SP - 1961

EP - 1970

JO - IEICE Transactions on Information and Systems

JF - IEICE Transactions on Information and Systems

SN - 0916-8532

IS - 10

ER -