- Authors:
- G. Clemm,
- J. Reschke,
- E. Sedlar,
- J. Whitehead
This document specifies a set of methods, headers, message bodies, properties, and reports that define Access Control extensions to the WebDAV Distributed Authoring Protocol. This protocol permits a client to read and modify access control lists that instruct a server whether to allow or deny operations upon a resource (such as HyperText Transfer Protocol (HTTP) method invocations) by a given principal. A lightweight representation of principals as Web resources supports integration of a wide range of user management repositories. Search operations allow discovery and manipulation of principals using human names.
RFC Downloads
Cited By
- Cao X and Iverson L Intentional access management Proceedings of the second symposium on Usable privacy and security, (20-31)
- Whitehead J (2005). WebDAV, IEEE Internet Computing, 9:1, (66-74), Online publication date: 1-Jan-2005.
- Dusseault L and Whitehead J (2005). Open Calendar Sharing and Scheduling with CalDAV, IEEE Internet Computing, 9:2, (81-89), Online publication date: 1-Mar-2005.
- Jehøj H, Bouvin N and Grønbæk K AwareDAV Proceedings of the 14th international conference on World Wide Web, (180-189)
- Ren J, Taylor R, Dourish P and Redmiles D Towards an architectural treatment of software security Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications, (1-7)
- Rubart J Context-based access control Proceedings of the 2005 symposia on Metainformatics, (13-es)
- Ren J, Taylor R, Dourish P and Redmiles D (2005). Towards an architectural treatment of software security, ACM SIGSOFT Software Engineering Notes, 30:4, (1-7), Online publication date: 1-Jul-2005.
Recommendations
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Delegation in role-based access control
User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively ...
Role-Based Access Control Models
Since the 1970s, computer systems have featured multiple applications and served multiple users, leading to heightened awareness of data security issues. System administrators and software developers focused on different kinds of access control to ...