Welcome to the full schedule of the OWASP AppSec Research EU 2013 conference days. You’ll find the schedule for the training days at http://trainings2013.appsec.eu
View analytic
Friday, August 23 • 4:45pm - 5:30pm
Closing Note: "Access Control of the Web - The Web of Access Control"

Sign up or log in to save this to your schedule and see who's attending!

Many (most?) of the familiar security problems of the Web can be understood
as instances of broken access control once one adopts a generalized view of
access control that leaves behind the user centric approaches of the 1970s
and 1980s. We will propose a framework for discussing access control in the
Web with a particular focus on the web of entities owning sensitive
resources, defining policies, and enforcing policies, and on the questions
of trust arising in this context. I.e., why should an entity receiving a
policy trust that this policy is in its own interest and/or in the interest
of the owner of the resource the policy refers to.


Dieter Gollmann

Prof Dieter Gollmann received his Dipl.-Ing. in Engineering Mathematics (1979) and Dr.tech. (1984) from the University of Linz, Austria in the Department for System Science. He earned the Dr. habil. at the University of Karlsruhe, Germany, where he was awarded the 'venia legendi' for Computer Science in 1991. He was a Lecturer in Computer Science at Royal Holloway, University of London, and rejoined Royal Holloway later in 1990, where he was the first Course Director of the MSc in Information Security. He's still giving guest lectures in Royal Holloway. He joined Microsoft Research in Cambridge in 1998. Then in 2003, he took the chair for Security in Distributed Applications at Hamburg University of Technology, Germany. Dieter Gollmann is an editor-in-chief of the International Journal of Information Security and an associate editor of the IEEE Security... Read More →

Friday August 23, 2013 4:45pm - 5:30pm
Aussichtsreich Emporio