Security in dynamic web content management systems applications

Communications of the ACM

Volumn 52, Issue 12, 2009, Pages 121-125

  Vaidyanathan, Ganesh ^a   Mautone, Steven ^b  

^a INDIANA UNIVERSITY SOUTH BEND   (United States)

^b Showtime Networks Inc   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CONTENT CREATION; DENIAL OF SERVICE; DYNAMIC WEB CONTENT; ON-THE-FLY; OPEN SOURCE SYSTEM; SECURITY ARCHITECTURE; SECURITY FRAMEWORKS; SECURITY ISSUES; SECURITY VULNERABILITIES; USER EXPERIENCE; USER FRIENDLY INTERFACE; WEB CONTENT; WEB CONTENT MANAGEMENT; WEB INFORMATION; WEB PAGE; WEB SERVER PERFORMANCE;

KNOWLEDGE ENGINEERING; MANAGEMENT; OPEN SYSTEMS; QUEUEING NETWORKS; USER INTERFACES; WEBSITES;

NETWORK SECURITY;

EID: 71149118712     PISSN: 00010782     EISSN: 15577317     Source Type: Journal    
DOI: 10.1145/1610252.1610284     Document Type: Article

References (12)

1. Dhillon, G., Backhouse, J. Technical opinion: Information system security management in the new millennium. Comm. ACM 43, 7, (July 2000), 125-128.
2. Hoepman, J., Jacobs, B. Increased security through open source. Comm. ACM 50, 1, (Jan. 2007), 79-83.
3. Huang, Y., Yu, F., Hang, C., Tsai, C., Lee, D.T., Kuo, S. 2004. Securing Web application code static analysis and runtime protection. Proceedings of the 13th international conference on World Wide Web, New York, NY, 40-52.
4. Joshi, J.B.D., Aref, W.G., Ghafoor, A., Spafford, E.H. Security models for Web-based applications. Comm. ACM 44, 2, (Feb. 2001), 38-44.
5. Karels, M.J. Features: Commercializing open source software. Queue 1,5, (2003), 46-55.
6. Maconachy, W.V., Schou, C.D., Ragsdale, D., Welch, D. 2001. A model for information assurance: An integrated approach. Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, (June 5-6, 2001), West Point, NY: 306-310.
7. Mostefaoui, G.K. Security in pervasive environments, What's next? Security and Management Journal, 2003, 93-98.
8. PHP Security Consortium. PHP Security Guide 1.0. http://phpsec.org/ php-security-guide.pdf, 2005.
9. Pfeeger, C. 1997. Security in Computing. Prentice Hall, Upper Saddle River, NJ, 1997.
10. Su, Z., Wassermann, G. 2006. The essence of command injection attacks in Web applications. 33rd ACM SIGPLAN-SIGACT symposium on Principles of Programming Languages, Charleston, SC, 2006: 372-382.
11. Titchkosky, L., Arlitt, M., Williamson, C. A performance comparison of dynamic Web technologies. ACM SIGMETRICS Performance Evaluation Review 31, 3, (2003), 1-11.
12. Vaughan-Nichols, S.J. XML shows promise, but don't underestimate its problems. News Forge, June 18, 2003.