Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Creating application security layer based on resource access decision service
Download
index.pdf
Date
2007
Author
Metin, Mehmet Özer
Metadata
Show full item record
Item Usage Stats
189
views
86
downloads
Cite This
Different solutions have been used for each security aspects (access control, application security) to secure enterprise web applications. However combining "enterprise-level" and "application-level" security aspects in one layer could give great benefits such as reusability, manageability, and scalability. In this thesis, adding a new layer to n-tier web application architectures to provide a common evaluation and enforcement environment for both enterprise-level and application level policies to bring together access controlling with application-level security. Removing discrimination between enterprise-level and application-level security policies improves manageability, reusability and scalability of whole system. Resource Access Decision (RAD) specification has been implemented and used as authentication mechanism for this layer. RAD service not only provides encapsulating domain specific factors to give access decisions but also can form a solid base to apply positive and negative security model to secure enterprise web applications. Proposed solution has been used in a real life system and test results have been presented.
Subject Keywords
Computer Engineering.
,
Computer Hardware.
URI
http://etd.lib.metu.edu.tr/upload/12608827/index.pdf
https://hdl.handle.net/11511/16985
Collections
Graduate School of Natural and Applied Sciences, Thesis
Suggestions
OpenMETU
Core
Creating application security layer based on resource access decision service
Metin, Mehmet Özer; Şener, Cevat; Göǧebakan, Yenal (2008-01-01)
Different solutions have been implemented for different security aspects (access control, application security) of enterprise web applications. However combining "enterprise-level" and "application-level" security aspects in one layer could give great benefits such as reusability, manageability, and scalability. In this paper, we propose adding a new layer to n-tier web application architectures, which use RAD service implementations to execute enterprise and application security policies. Proposed architec...
A knowledge based product line for semantic modeling of web service families
Orhan, Umut; Doğru, Ali Hikmet; Department of Computer Engineering (2008)
Some mechanisms to enable an effective transition from domain models to web service descriptions are developed. The introduced domain modeling support provides verification and correction on the customization part. An automated mapping mechanism from the domain model to web service ontologies is also developed. The proposed approach is based on Feature-Oriented Domain Analysis (FODA), Semantic Web technologies and ebXML Business Process Specification Schema (ebBP). Major contributions of this work are the c...
Analysis of recent attacks on SSL/TLS protocols
Özden, Duygu; Cenk, Murat; Department of Cryptography (2016)
Transport Layer Security(TLS) and its predecessor Secure Socket Layer(SSL) are two important cryptographic, certificate based protocols that satisfy secure communication in a network channel. They are widely used in many areas such as online banking systems, online shopping, e-mailing, military systems or governmental systems. Being at the center of secure communication makes SSL and TLS become the target of attackers and an important field of study for researchers. So many vulnerabilities and attacks towar...
A recommendation system combining context-awarenes and user profiling in mobile environment
Ulucan, Serkan; Erkmen, Aydan Müşerref; Department of Electrical and Electronics Engineering (2005)
Up to now various recommendation systems have been proposed for web based applications such as e-commerce and information retrieval where a large amount of product or information is available. Basically, the task of the recommendation systems in those applications, for example the e-commerce, is to find and recommend the most relevant items to users/customers. In this domain, the most prominent approaches are أcollaborative filteringؤ and أcontent-based filteringؤ. Sometimes these approaches are called as أ...
A certificate based, context aware access control model for multi domain environments
Yortanlı, Ahmet; Koçyiğit, Altan; Department of Information Systems (2010)
A certificate based approach is proposed for access control operations of context aware systems for multi domain environments. New model deals with the removal of inter-domain communication requirement in access request evaluation process. The study is applied on a prototype implementation with configuration for two di erent cases to show the applicability of the proposed certificate based, context aware access control model for multi domain environments. The outputs for the cases show that proposed access ...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
M. Ö. Metin, “Creating application security layer based on resource access decision service,” M.S. - Master of Science, Middle East Technical University, 2007.