SCUTA: A Server-Side Access Control System for Web Applications

机译：SCUTA：Web应用程序的服务器端访问控制系统

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

The Web is playing a very important role in our lives, and is becoming an essential element of the computing infrastructure. Unfortunately, its importance makes it the preferred target of attacks. Web-based vulnerabilities now outnumber traditional computer security concerns. A recent study shows that over 80 percent of web sites have had at least one serious vulnerability. We believe that the Web's problems, to a large degree, are caused by the inadequacy of its underlying access control systems. To reduce the number of vulnerabilities, it is essential to provide web applications with better access control models that can adequately address the protection needs of the current Wei). As a part of the efforts to develop a better access control system for the Web. we focus on the server-side access control in this paper. We introduce a new concept called subsession. based on which, we have developed a ring-based access control system (called Scuta) for web servers. Scuta provides a fine-grained and backward-compatible access control mechanism for web applications. We have implemented Scuta in PUP. and have conducted comprehensive case studies to evaluate its benefits.

机译：Web在我们的生活中扮演着非常重要的角色，并且正在成为计算基础架构的重要组成部分。不幸的是，它的重要性使其成为攻击的首选目标。现在，基于Web的漏洞数量超过了传统的计算机安全问题。最近的一项研究表明，超过80％的网站至少有一个严重漏洞。我们认为，Web的问题在很大程度上是由其底层访问控制系统的不足引起的。为了减少漏洞的数量，必须为Web应用程序提供更好的访问控制模型，这些模型可以充分满足当前Wei的保护需求。作为开发更好的Web访问控制系统的一部分。在本文中，我们重点介绍服务器端访问控制。我们引入了一个称为“子会话”的新概念。在此基础上，我们开发了用于Web服务器的基于环的访问控制系统（称为Scuta）。 Scuta为Web应用程序提供了一种细粒度且向后兼容的访问控制机制。我们已经在PUP中实现了Scuta。并进行了全面的案例研究，以评估其优势。

著录项

来源
《ACM symposium on access control models and technologies》|2012年|71-82|共12页
会议地点
作者
Xi Tan; Wenliang Du; Tongbo Luo; Karthick D. Soundararaj;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Web security; Server-Side Access Control;

机译：网络安全;服务器端访问控制;

相似文献

外文文献
中文文献
专利

1. SPHERES: an efficient server-side web application protection system [J] . Ouissem Ben Fredj International journal of information and computer security . 2019,第1期

机译：SPHERES：高效的服务器端Web应用程序保护系统
2. A web application system on server-side Java technology [J] . Odawara Seiki, Tsuchiya Hiroshi, Ekinaka Takashi, 横河技報 . 2002,第2期

机译：基于服务器端Java技术的Web应用程序系统
3. A web application system on server-side Java technology [J] . Odawara Seiki, Tsuchiya Hiroshi, Ekinaka Takashi, 横河技報 . 2002,第2期

机译：服务器端Java技术上的Web应用系统
4. SCUTA: A Server-Side Access Control System for Web Applications [C] . Xi Tan, Wenliang Du, Tongbo Luo, ACMAT 12 . 2012

机译：SCUTA：Web应用程序的服务器端访问控制系统
5. A specification for an extensible access control Web service featuring access control lists and role-based access control models. [D] . Garcia, Andres. 2004

机译：具有访问控制列表和基于角色的访问控制模型的可扩展访问控制Web服务的规范。
6. Use of Web Server-Side Technologies for Making the Most of the Hardware Variety in Hospital Information Systems [O] . Federico Ferrario, Marco Masseroli, Francesco Pinciroli 2001

机译：使用Web服务器端技术充分利用医院信息系统中的各种硬件
7. March 2016 VOLUME 3, ISSUE 3, MARCH 2016 Composite Silicon Solar Cell Efficiency Simulation Study; Sensitivity to the Absorption Coefficients and the Thickness of Intrinsic Absorber Layer V. Tudić, M. Marochini, T. Luke Abstract PDF with Text DOI 10.17148/IARJSET.2016.3301 Molecular Phylogeny of Turbinaria Ornata (Turner) J. Agardh E. Neelamathi and R. Kannan Abstract PDF with Text DOI 10.17148/IARJSET.2016.3302 Human Factors in Aircraft Maintenance Suhas H Begur, Dr J Ashok Babu Abstract PDF with Text DOI 10.17148/IARJSET.2016.3303 Human Factors in Aircraft Maintenance Suhas H Begur, Dr J Ashok Babu Abstract PDF with Text DOI 10.17148/IARJSET.2016.3304 Foliar nutraceutical and antioxidant property of Diospyros lanceifolia Roxb. (Ebenaceae) – An important medicinal plant of Assam, India Dipjyoti Kalita, N. Devi and D. Baishya Abstract PDF with Text DOI 10.17148/IARJSET.2016.3305 Study of Ion Mobility Characteristics and Morphology of some Electrochemically-Synthesised Polypyrroles Danesh Roudini, Peter J. S. Foot Abstract PDF with Text DOI 10.17148/IARJSET.2016.3306 Physico-Chemical Characterization of an Artificial Pond to Control the Eutrophication Process: A Case Study Sameer Al-Asheh, Hani Abu Qdais, Adnan Alquraishi, Osama Husain, Ismail Sadoon Abstract PDF with Text DOI 10.17148/IARJSET.2016.3307 Survey: Recommendation System for Web Portal using Customer Segmentation Neha Badami, Vipul Wakkar, Monica Jain, Devendra Pandit Abstract PDF with Text DOI 10.17148/IARJSET.2016.3308 Web Archiving: Past Present and Future of Evolving Multimedia Legacy Meenakshi Srivastava, Dr. S.K. Singh, Dr. S.Q. Abbas Abstract PDF with Text DOI 10.17148/IARJSET.2016.3309 Labour Contract Management System Kajol Bhutada, Ketaki Kivade, Vishakha Gokhale, Pallavi Bhore, Prof. Shiv Prasad P. Patil Abstract PDF with Text DOI 10.17148/IARJSET.2016.3310 Minimization of Torque Ripple and Multi Quadrant Operation of Direct Torque Control for Three Phase Induction Motor Using Fuzzy Logic Controller P.Ramesh Babu, S. Ramprasath, N.Vijayasarathi Abstract PDF with Text DOI 10.17148/IARJSET.2016.3311 Alert Me: A Real Time Video Surveillance System Implementing IoT D.P Gaikwad, Pooja kumawat, Saurabh Bhalerao, Akhilesh Khalate, Hrishikesh Dongre Abstract PDF with Text DOI 10.17148/IARJSET.2016.3312 Validity, Reliability and Item Analysis of AMAIUB Admission Test Dr. Lina S. Calucag and Dr. Danilo A. Tabalan Abstract PDF with Text DOI 10.17148/IARJSET.2016.3313 Design and Analysis of Track and Hold Circuit for high speed communication Smita D. Waghmare, Dr. U. A. Kshirsagar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3314 Design of Low Power Digitally Operated Voltage Regulator by using CMOS Technology Nikita V. Dhomane, Dr. U. A. Kshirsagar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3315 Automation in Ration Distribution System Rajesh B.Shinde, Prof. A.G. Gaikwad, Prof. Sonali Chincholikar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3316 Use of MnSo4 Sludge as a Partial Replacement for Cement in Concrete Golhar Ankush, Jogdand Mohini, Malvi Ketan, Salunke Swanand, Gorade Swapnil Abstract PDF with Text DOI 10.17148/IARJSET.2016.3317 Ethnobotanical Studies on Medicinal Plant Utilization by the Yanadhi Tribe of Ananthasagaram Mandal, Nellore District, Andhra Pradesh, India K. Sasdhar, P. Brahmajirao and A. Sujith Kumar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3318 Effect of Soil Structure Interaction on the Storey Lateral Displacement of a Multi Storied Building Surya Teja Ch, Sai Kiran T Abstract PDF with Text DOI 10.17148/IARJSET.2016.3319 An Overview of Narcolepsy Touseef Rahman, Omer Farook, Md Belal Bin Heyat, Mohd Maroof Siddiqui Abstract PDF with Text DOI 10.17148/IARJSET.2016.3320 Significance of Air Movement for Thermal Comfort in Educational Buildings, Case Study of a Classroom Geethu Priya, Nagaraju Kaja Abstract PDF with Text DOI 10.17148/IARJSET.2016.3321 A Load Balancing Approach to Minimize the Resource Wastage in Cloud Computing Sachin Soni, Praveen Yadav Abstract PDF with Text DOI 10.17148/IARJSET.2016.3322 Modeling and Simulation of Fluidized Bed Drying of Chickpea S.N. Saha, G.P. Dewangan, R.S. Thakur Abstract PDF with Text DOI 10.17148/IARJSET.2016.3323 Photocatalytic-Ozonation of Textile Dyeing Wastewater using Fixed Catalyst System Rajendiran S, Shriram B, Kanmani S Abstract PDF with Text DOI 10.17148/IARJSET.2016.3324 Mesh less Analysis of Orthotropic Skew Plate under Sinusoidal Line Load Kumari Shipra Suman, Jeeoot Singh Abstract PDF with Text DOI 10.17148/IARJSET.2016.3325 Performance Analysis of 2*2 Dual Frequency Wide Band Circular Patch Antenna Array P. Sai Vinay Kumar, P. Jagadamba, M. N. Giri Prasad Abstract PDF with Text DOI 10.17148/IARJSET.2016.3326 A Multi-Cloud Approach Towards Addressing Security Issues of Cloud: A Survey Kumar M.V, Poornima A. S Abstract PDF with Text DOI 10.17148/IARJSET.2016.3327 Improved Efficiency of Boiler Plant with Different GCV and Carbon Percentage Ishan. P. Bhatt, C.P. Panchal Abstract PDF with Text DOI 10.17148/IARJSET.2016.3328 Industrial Automation using Sensing based Applications for Internet of Things Geetesh Chaudhari, Sudarshan Jadhav, Sandeep Batule, Sandeep Helkar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3329 Assessment of Engineering Students Learning [O] . Hamdia Hmmad Alyazeedi 2016

机译：2016年3月第3卷，第3款，2016年3月复合硅太阳能电池效仿真研究;对吸收系数的敏感性和内在吸收层V.Tudić，M.Marochini，T. Luke摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3301 Turbinaria ornata（特纳）J. Agardh E. Neelamathi和R. Kannan摘要的分子系统PDF与文本 DOI 10.17148 / IARJSET.2016.3302在飞机维修中的人类因素Suhas H Begur，J Ashok Babu摘要博士 PDF与文本 DOI 10.17148 / IARJSET.2016.3303人类因素在飞机维修SUHAS H Begur，J Ashok Babu摘要摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3304叶面植物和抗氧化剂的Diospyros Lancefolia Roxb。（eBenaceae） - 印度Assam的重要药用植物Dipjyoti Kalita，N. Devi和D.Baishya摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3305离子迁移性特性和某些电化学综合的多滤网的形态的研究Danesh Roudini，Peter J. S. Stock PDF与文本 DOI 10.17148 / IARJSET.2016.3306人工池塘的物理化学表征控制富营养化过程：一个案例研究同样的Al-Asheh，Hani Abu Qdais，Adnan Alquraishi，Osama Husain，Ismail Sadoon Abstract PDF与文本 DOI 10.17148 / IARJSET.2016.3307调查显示：Web门户网站推荐系统使用客户细分Neha Badami，vipul Wakkar，Monica Jain，Devendra Pandit摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3308 Web归档：过去的现状和不断发展的多媒体遗产Meenakshi Srivastava，S.K. Singh，S.Q博士。 ABBAS摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3309劳动合同管理系统Kajol Bhutada，Ketaki Kivade，Vishakha Gokhalale，Pallavi Bhore，Shiv Prasad P. Putil摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.310使用模糊逻辑控制器P.RAMESH BABU，S.RAMPRASATH，N.Vijayasarath，N.VijayasArathi摘要，最小化扭矩纹波和三相感应电动机直接扭矩控制的多象限操作。 PDF与文本 DOI 10.17148 / IARJSET.2016.3311提醒我：实时视频监控系统实施物联网D.P Gaikwad，Pooja Kumawat，Saurabh Bhalerao，Akhilesh Khalate，Hrishikesh Dongre摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3312 AMAIB录取测试的有效性，可靠性和物品分析林纳·卡卢格博士和Danilo A. Tabalan摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3313高速通信轨道和保持电路的设计与分析SMITA D. Waghmare，U. A. Kshirsagar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3314使用CMOS Technology Nikita V. Dhomane的低功耗数字操作电压调节器设计，Dhomane，U. A. Kshirsagar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3315配给分配系统RAJESH B.Shinde，A.G.GAIKWAD教授，Sonali Chincholikar教授摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3316使用MNSO4污泥作为水泥的局部替代品在混凝土戈霍尔ankush，Jogdand Mohini，Malvi Ketan，Salunke Swanand，Gorade Swapnil摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3317 Zhanthasagaram Mandal，Nellore District，Andhra Pradesh，India K. Sasdhar，P. Brahmajiroao和A.苏公爵Kumar摘要PDF与文本 DOI 10.17148 / IARJSET.2016.318土壤结构互动对多层建筑苏里亚TEJA CH，SAI KIRAN T摘要的楼层横向位移PDF与文本 DOI 10.17148 / IARJSET.2016.3311概述NARCHEPSY TOUTEEF RAHMAN，OMER FAROOK，MD BELAL BIN HEYAT，MOHD Maroof Siddiqui摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.330在教育建筑中热舒适性的空气运动的意义，案例研究麦德鲁普里亚，Nagaraju Kaja摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3321一种负载均衡方法，以最大限度地减少云计算Sachin Soni，前列yadav摘要的资源浪费 PDF与文本 DOI 10.17148 / IARJSET.2016.3322 Chickpea S.N流化床干燥的建模与仿真萨哈，G.P.德湾，R.S. Thakur摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3323光催化纺织染料废水采用固定催化剂系统Rajendiran S，Shriram B，Kanmani S摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3324网眼较少分析正弦偏斜板在正弦线载荷kumari shipra suman，jeeoot singh摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.325 2 * 2双频宽带圆形贴片天线阵列P. Sai Vinay Kumar，P.Jagadamba，M. N.Giri Prasad摘要摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3326一种解决云安全问题的多云方法：Qumar M.V，Poornima A. S Abstract PDF与文本 DOI 10.17148 / IARJSET.2016.3327锅炉厂具有不同GCV和碳百分比的升高效率。 P. Bhatt，C.P. Panchal摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3328工业自动化使用基于传感的应用程序的东西，Geething Chaudhari，Sudarshan Jadhav，Sandeep Batule，Sandeep Helkar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3329工程学生学习的评估
8. Web Application Design Using Server-Side JavaScript [R] . 1999

机译：使用服务器端Javascript的Web应用程序设计

SCUTA: A Server-Side Access Control System for Web Applications

摘要

著录项

相似文献

相关主题

期刊订阅