Creating application security layer based on resource access decision service

2008-01-01
Metin, Mehmet Özer
Şener, Cevat
Göǧebakan, Yenal
Different solutions have been implemented for different security aspects (access control, application security) of enterprise web applications. However combining "enterprise-level" and "application-level" security aspects in one layer could give great benefits such as reusability, manageability, and scalability. In this paper, we propose adding a new layer to n-tier web application architectures, which use RAD service implementations to execute enterprise and application security policies. Proposed architecture enables applications not only benefit from enterprise-level security policies provided by RAD, but also implements "application-level" security based on RAD services to eliminate web application attacks including but not limited to those based on cross-site scripting, SQL injection, forceful browsing, cookie poisoning, invalid input and most importantly session stealing. © 2008 Atilla Elçi.
1st International Conference on Security of Information and Networks, SIN 2007

Suggestions

Creating application security layer based on resource access decision service
Metin, Mehmet Özer; Şener, Cevat; Department of Computer Engineering (2007)
Different solutions have been used for each security aspects (access control, application security) to secure enterprise web applications. However combining "enterprise-level" and "application-level" security aspects in one layer could give great benefits such as reusability, manageability, and scalability. In this thesis, adding a new layer to n-tier web application architectures to provide a common evaluation and enforcement environment for both enterprise-level and application level policies to bring tog...
Using Assurance Cases to Develop Iteratively Security Features Using Scrum
BEN OTHMANE, Lotfi; Angın, Pelin; BHARGAVA, Bharat (2014-09-12)
A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental developm...
Uses of PKI for process authorization
Taşkazan, Feyza; Özgit, Attila; Erten, Murat; Department of Computer Engineering (2003)
Enterprises require an information security solution that provides privacy, integrity, authentication and access controls for processes. License management systems are developed to be a solution for process authorization in different platforms. However, security threats on processes cannot be controlled with existing license management mechanisms. The need is a complete system that is independent from implementation, platform, and application. In this thesis, we design a complete system for process authoriz...
A certificate based, context aware access control model for multi domain environments
Yortanlı, Ahmet; Koçyiğit, Altan; Department of Information Systems (2010)
A certificate based approach is proposed for access control operations of context aware systems for multi domain environments. New model deals with the removal of inter-domain communication requirement in access request evaluation process. The study is applied on a prototype implementation with configuration for two di erent cases to show the applicability of the proposed certificate based, context aware access control model for multi domain environments. The outputs for the cases show that proposed access ...
Analysis of Password Attacks From The Perspective Of The Attacker By Multiple Honeypots
Aydın, Kıvanç; Acartürk, Cengiz; Department of Cybersecurity (2021-8-19)
Authentication is vital for secure operation of ICT systems. Since the past several decades, alternative solutions have been developed for authentication, such as biometric authentication methods, aiming at replacing passwords. Nevertheless, their success has been limited as evidenced by intensive use of passwords. Today, an average user uses dozens of different passwords in daily practice. The frequent use of passwords in authentication also leads to a close interest of attackers due to rapid the expansion...
Citation Formats
M. Ö. Metin, C. Şener, and Y. Göǧebakan, “Creating application security layer based on resource access decision service,” presented at the 1st International Conference on Security of Information and Networks, SIN 2007, Gazimagusa, Türkiye, 2008, Accessed: 00, 2021. [Online]. Available: https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=84893173590&origin=inward.