Integrated access control and intrusion detection for Web servers

Author

Ryutov, Tatyana ; Neuman, Clifford ; Dongho, Kim. ; Li, Zhou.

Volume

14

Issue

9

fYear

2003

Firstpage

841

Lastpage

850

Abstract

Current intrusion detection systems work in isolation from access control for the application the systems aim to protect. The lack of coordination and interoperation between these components prevents detecting and responding to ongoing attacks in real-time before they cause damage. To address this, we apply dynamic authorization techniques to support fine-grained access control and application level intrusion detection and response capabilities. This paper describes our experience with integration of the Generic Authorization and Access Control API (GAA-API) to provide dynamic intrusion detection and response for the Apache Web server. The GAA-API is a generic interface which may be used to enable such dynamic authorization and intrusion response capabilities for many applications.

Keywords

Internet; application program interfaces; authorisation; file servers; telecommunication security; Apache Web server; GAA-API; Generic Authorization and Access Control API; Web servers; application level intrusion detection; dynamic authorization; dynamic intrusion detection; fine-grained access control; integrated access control; intrusion detection; real-time; Access control; Authorization; Buffer overflow; Clocks; Computer crime; Data security; Intrusion detection; Protection; Web server; Writing;

fLanguage

English

Journal_Title

Parallel and Distributed Systems, IEEE Transactions on

Publisher

ieee

ISSN

1045-9219

Type

jour

DOI

10.1109/TPDS.2003.1233707

Filename

1233707