Trustworthy Access Control with Untrustworthy Web Servers
Defence Evaluation and Research Agency
If sensitive information is to be included in a shared web, access controls will be required. However, the complex software needed to provide a web service is prone to failure. To provide access control without relying on such software, encryption can be used. Bob is a prototype system that supports complex access control expressions through the transparent use of encryption.