Matches in ScholarlyData for { <https://w3id.org/scholarlydata/inproceedings/www2010/paper/main/108> ?p ?o. }
Showing items 1 to 14 of
14
with 100 items per page.
- 108 creator adrian-mettler.
- 108 creator akshay-krishnamurthy.
- 108 creator david-wagner.
- 108 type InProceedings.
- 108 label "Fine-Grained Privilege Separation for Web Applications".
- 108 sameAs 108.
- 108 abstract "We present a web application programming model that simplifies reasoning about security considerations and verifying security properties of web applications. In our model, applications can easily be divided into privilege-separated components, enabling rich security policies to be enforced. The model is designed to help external reviewers check these security properties. Privilege separation of web applications is accomplished by using an object-capability language and interfaces that expose limited, explicitly specified privileges to web application components. This approach restricts what each component of the application can do and quarantines buggy or compromised application code. This also provides a better way to safely integrate third-party, less trusted code into a web application. We have implemented a prototype of this model, based upon the Java Servlet framework, and used it to build a web mail application. Our experience with this example suggests that the approach is viable and helpful at establishing application-level security properties.".
- 108 hasAuthorList authorList.
- 108 isPartOf proceedings.
- 108 keyword "Fine-grained sharing".
- 108 keyword "access control".
- 108 keyword "privacy".
- 108 keyword "security".
- 108 title "Fine-Grained Privilege Separation for Web Applications".