• Title of article

    Specifying and enforcing application-level Web security policies

  • Author/Authors

    D.، Scott, نويسنده , , R.، Sharp, نويسنده ,

  • Issue Information
    روزنامه با شماره پیاپی سال 2003
  • Pages
    -770
  • From page
    771
  • To page
    0
  • Abstract
    Application-level Web security refers to vulnerabilities inherent in the code of a Web-application itself (irrespective of the technologies in which it is implemented or the security of the Web-server/back-end database on which it is built). In the last few months, application-level vulnerabilities have been exploited with serious consequences: Hackers have tricked ecommerce sites into shipping goods for no charge, usernames and passwords have been harvested, and confidential information (such as addresses and credit-card numbers) has been leaked. We investigate new tools and techniques which address the problem of application-level Web security. We 1) describe a scalable structuring mechanism facilitating the abstraction of security policies from large Web-applications developed in heterogeneous multiplatform environments; 2) present a set of tools which assist programmers in developing secure applications which are resilient to a wide range of common attacks; and 3) report results and experience arising from our implementation of these techniques.
  • Keywords
    Abdominal obesity , Food patterns , Prospective study , waist circumference
  • Journal title
    IEEE Transactions on Knowledge and Data Engineering
  • Serial Year
    2003
  • Journal title
    IEEE Transactions on Knowledge and Data Engineering
  • Record number

    100542