Title :
Integrated access control and intrusion detection for Web Servers
Author :
Ryutov, Tatyana ; Neuman, Clifford ; Kim, Dongho ; Zhou, Li
Author_Institution :
Inf. Sci. Inst., Univ. of Southern California, USA
Abstract :
Current intrusion detection systems work in isolation front access control for the application the systems aim to protect. The lack of coordination and inter-operation between these components prevents detecting and responding to ongoing attacks in real time, before they cause damage. To address this, we apply dynamic authorization techniques to support fine-grained access control and application level intrusion detection and response capabilities. This paper describes our experience with integration of the Generic Authorization and Access Control API (GAA-API) to provide dynamic intrusion detection and response for the Apache Web Server The GAA-API is a generic interface which may be used to enable such dynamic authorization and intrusion response capabilities for many applications.
Keywords :
Internet; application program interfaces; authorisation; API; Apache Web server; application program interface; authorization; integrated access control; intrusion detection; Access control; Authorization; Clocks; Computer crime; Government; Intrusion detection; Network servers; Operating systems; Protection; Web server;
Conference_Titel :
Distributed Computing Systems, 2003. Proceedings. 23rd International Conference on
Print_ISBN :
0-7695-1920-2
DOI :
10.1109/ICDCS.2003.1203489
