%0 Conference Proceedings
%T Re-designing the Web’s Access Control System
%+ Syracuse University
%A Du, Wenliang
%A Tan, Xi
%A Luo, Tongbo
%A Jayaraman, Karthick
%A Zhu, Zutao
%Z Part 1: Invited Papers
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 23th Data and Applications Security (DBSec)
%C Richmond, VA, United States
%Y Yingjiu Li
%I Springer
%3 Data and Applications Security and Privacy XXV
%V LNCS-6818
%P 4-11
%8 2011-07-11
%D 2011
%R 10.1007/978-3-642-22348-8_2
%K web security
%K access control model
%Z Computer Science [cs]Conference papers
%X The Web is playing a very important role in our lives, and is becoming an essential element of the computing infrastructure. With such a glory come the attacks–the Web has become criminals’ preferred targets. Web-based vulnerabilities now outnumber traditional computer security concerns. Although various security solutions have been proposed to address the problems on the Web, few have addressed the root causes of why web applications are so vulnerable to these many attacks. We believe that the Web’s current access control models are fundamentally inadequate to satisfy the protection needs of today’s web, and they need to be redesigned. In this extended abstract, we explain our position, and summarize our efforts in redesigning the Web’s access control systems.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01586586/document
%2 https://inria.hal.science/hal-01586586/file/978-3-642-22348-8_2_Chapter.pdf
%L hal-01586586
%U https://inria.hal.science/hal-01586586
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-6818