“Wrappers — a mechanism to support state-based authorisation in Web applications”

Olivier and Gudes

2002

Citation information

M. S. Olivier and E. Gudes. “Wrappers — a mechanism to support state-based authorisation in Web applications”. In: Data and Knowledge Engineering 43.3 (2002), pp. 281–292

Abstract

The premises of this paper are 1) security is application dependent because application semantics directly influence proper protection; but 2) applications are generally too complex to be trusted to implement security as specified by the given security policy. These problems are aggravated if the application operates over time and space.

This paper proposes the use of a simple program (a “wrapper”) that has enough knowledge about a specific application’s potential states and the actions that are permissible in each state. Using this knowledge, it is able to filter requests that should not reach an application at a given point.

Full text

A pre- or postprint of the publication is available at http://mo.co.za/open/wrapper2.pdf.

Definitive version

The definitive version of the paper is available from the publisher.
DOI: 10.1016/S0169-023X(02)00129-5

BibTeX reference

@ARTICLE(wrapper2,
AUTHOR={Martin S Olivier and Ehud Gudes},
TITLE={Wrappers --- a mechanism to support state-based authorisation in Web applications},
JOURNAL={Data and Knowledge Engineering},
VOLUME={43},
NUMBER={3},
YEAR={2002},
PAGES={281--292} )


[Publications] [Home]
Page maintained by Martin Olivier
Database updated: November 8, 2015

Beta version of new bibliography database; please report errors (or copyright violations) that may have slipped in.