Re-designing the web's access control system (Extended abstract)

Wenliang Du, Xi Tan, Tongbo Luo, Karthick Jayaraman, Zutao Zhu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The Web is playing a very important role in our lives, and is becoming an essential element of the computing infrastructure. With such glory come the attacks: the Web has become criminals' preferred target. Web-based vulnerabilities now outnumber traditional computer security concerns. Although various security solutions have been proposed to address the problems on the Web, few have addressed the root causes of why web applications are so vulnerable to these many attacks. We believe that the Web's current access control models are fundamentally inadequate to satisfy the protection needs of today's web, and they need to be redesigned. In this extended abstract, we explain our position, and summarize our efforts in redesigning the Web's access control systems.

Original language: English (US)
Title of host publication: Data and Applications Security and Privacy XXV - 25th Annual IFIP WG 11.3 Conference, DBSec 2011, Proceedings
Pages: 4-11
Number of pages: 8
State: Published - Jul 18 2011
Event: 25th Annual WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2011 - Richmond, VA, United States
Duration: Jul 11 2011 to Jul 13 2011

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 6818 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 25th Annual WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2011
Country: United States
City: Richmond, VA
Period: 7/11/11 to 7/13/11

Keywords

  • access control model
  • web security

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

  • Cite this

    Du, W., Tan, X., Luo, T., Jayaraman, K., & Zhu, Z. (2011). Re-designing the web's access control system (Extended abstract). In Data and Applications Security and Privacy XXV - 25th Annual IFIP WG 11.3 Conference, DBSec 2011, Proceedings (pp. 4-11). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6818 LNCS). https://doi.org/10.1007/978-3-642-22348-8_2