From Web server security to Web components security

Author

Lin, Sheng-Kang

Author_Institution

Inf. Syst. Lab., Inst. for Inf. Ind., Taipei, Taiwan

fYear

2003

fDate

14-16 Oct. 2003

Firstpage

176

Lastpage

182

Abstract

Web servers are increasingly being adopted as a viable means to access Internet-based applications. Current solutions to secure Web servers are not comprehensive or robust enough to protect servers and applications from today´s hackers. Protection profile gives us a systematic approach to examine the minimum-security requirements of a system. Therefore, we derive the Web security components that make a secure Web serve from the Web Server Protection Profile. A component-based framework as well as an open source solution is given subsequently. We believe that after the system is implemented and deployed, it functions reliably and effectively. We aim at establishing the provable reliability of construction and the feasibility of component-based solutions for the secure Web server.

Keywords

Internet; computer crime; exception handling; file servers; message authentication; open systems; public domain software; software packages; Internet-based applications; Web Server protection profile; Web security components; Web server security; component-based framework; minimum-security requirements; open source solution; software packages; Access control; Communication system security; Computer hacking; Cryptography; Data security; Information security; Internet; Protection; Robustness; Web server;

fLanguage

English

Publisher

ieee

Conference_Titel

Security Technology, 2003. Proceedings. IEEE 37th Annual 2003 International Carnahan Conference on

Print_ISBN

0-7803-7882-2

Type

conf

DOI

10.1109/CCST.2003.1297556

Filename

1297556