Wrappers - A mechanism to support state-based authorisation in Web applications

Data and Knowledge Engineering

Volumn 43, Issue 3, 2002, Pages 281-292

  Olivier, M S ^a   Gudes, Ehud ^b  

^a UNIVERSITY OF JOHANNESBURG   (South Africa)

^b BEN GURION UNIVERSITY OF THE NEGEV   (Israel)

Author keywords

Access control; Application security; State based authorisation; Web security; Wrappers

Indexed keywords

COMPUTER APPLICATIONS; COMPUTER SOFTWARE; CONTEXT SENSITIVE GRAMMARS; SEMANTICS; WORLD WIDE WEB;

STATE-BASED AUTHORIZATION;

SECURITY OF DATA;

EID: 0036887432     PISSN: 0169023X     EISSN: None     Source Type: Journal    
DOI: 10.1016/S0169-023X(02)00129-5     Document Type: Conference Paper

References (16)

1. Atluri V., Huang W.K. An extended petri net model for supporting workflow in a multilevel secure environment. Samarati P., Sandhu R.S. Database Security X: Status and Prospects. 1997;240-258 Chapman and Hall, London.
2. Biskup J., Eckert C. About the enforcement of state dependent security specifications. Keefe T.F., Landwehr C.E. Database Security VII: Status and Prospects. 1994;3-17 Elsevier, Amsterdam.
3. CERT, Buffer Overflow in MIME-aware Mail and News Clients, CERT Advisory CA-98.10, 1998
4. Ford W., Baum M.S. Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption. 1997;Prentice Hall, Englewood Cliffs.
5. Demurjian S.A., He Y., Ting T.C., Saba M. Software agents for role-based security. Atluri V., Hale J. Research Advances in Database and Information Systems Security. 2000;79-93 Kluwer, Norwell.
6. W.M. Farmer, J.D. Guttman, V. Swurp, Security for mobile agents: Authentication and state appraisal, in: 4th European Symp. on Research in Computer Security, LNCS vol.1146, 1997, pp. 118-130.
7. Gudes E., Olivier M.S., van de Riet R.P., Modelling, specifying and implementing workflow security in cyberspace. Journal of Computer Security. 7(4):1999;287-315.
8. R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T. Berners-Lee, Hypertext Transfer Protocol - HTTP/1.1., RFC 2616, Internet Society, 1999.
9. Garfinkel S., Spafford G. Practical Unix and Internet Security. second ed. 1996;O'Reilly, Sebastopol.
10. Harel D., Politi M. Modeling Reactive Systems with Statecharts: the STATEMATE Approach. 1998;McGraw-Hill, New York.
11. McCollum C.D., Faatz D.B., Herndon W.R., Sebes E.J., Thomas R.K. Distributed object technologies databases and security. Lin T.Y., Qian S. Database Security XI: Status and Prospects. 1998;17-31 Chapman and Hall, London.
12. Olivier M.S., van de Riet R.P., Gudes E. Specifying application-level security in workflow systems. Wagner R. Proceedings of the Ninth International Workshop on Security of Data Intensive Applications (DEXA 98). 1998;346-351 IEEE, Los Alamitos.
13. Park J., Sandhu R., Ghanta S. RBAC on the Web by secure cookies. Atluri V., Hale J. Research Advances in Database and Information Systems Security. 2000;49-62 Kluwer, Norwell.
14. Stein L.D. Web Security: A Step-by-Step Reference Guide. 1998;Addison-Wesley, Reading.
15. Tari Z. Designing security agents for the DOK federated system. Lin T.Y., Qian S. Database Security XI: Status and Prospects. 1998;35-59 Chapman and Hall, London.
16. Wiederhold G., Billelo M., Donahue C. Web implementation of a security mediator for medical databases. Lin T.Y., Qian S. Database Security XI: Status and Prospects. 1998;60-67 Chapman and Hall, London.