摘要 |
A method and system for maintaining access control for a secure web server, SCWS. Protection sets (each defining a group of protected resources, a realm of logical users who are granted access to the protected resources, and instructions for authenticating the users in that realm) are stored by the web server so that upon receiving a request to access a given protected resource, the web server assesses the parameters of the protection set associated with the given protected resource and selects an appropriate cryptographic ciphersuite for use in securing sessions to access that protected resource. |