Enhanced enterprise web-based application security using GeoIp services

被引:0
作者
Wang, Yong [1 ]
Simmons, Dick [1 ]
机构
[1] Texas A&M Univ, Dept Comp Sci, College Stn, TX 77843 USA
来源
PROCEEDINGS OF THE 10TH IASTED INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND APPLICATIONS | 2006年
关键词
web-based application; security; GeolP services;
D O I
暂无
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
In this paper, we review different web-based application security models. Based on existing web security models, we introduce a new general model to address different web application security using user subject credentials from IP geo-location services and requested object authorization. The model defines the formulation, specification, and implementation architecture. The model is easy to justify for different web-based applications (i.e. corporation technical support website, digital library, online bank systems, etc.). Future work is discussed at the end of the paper.
引用
收藏
页码:210 / +
页数:2
相关论文
共 14 条
[1]   A content-based authorization model for digital libraries [J].
Adam, NR ;
Atluri, V ;
Bertino, E ;
Ferrari, E .
IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2002, 14 (02) :296-315
[2]   An authorization model for geospatial data [J].
Atluri, V ;
Chun, SA .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2004, 1 (04) :238-254
[3]  
Bertino E., 2001, ACM Transactions on Information and Systems Security, V4, P191, DOI 10.1145/501978.501979
[4]  
Bonatti P. A., 2002, Journal of Computer Security, V10, P241
[5]  
GARFINKEL S, 1997, WEB SECURITY COMMERC
[6]  
INDRAKANTI S, 2005, INT J WEB SERV RES, V2, P94
[7]   A generalized temporal role-based access control model [J].
Joshi, JBD ;
Bertino, E ;
Latif, U ;
Ghafoor, A .
IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2005, 17 (01) :4-23
[8]   An analysis of expressiveness and design issues for the generalized temporal role-based access control model [J].
Joshi, JBD ;
Bertino, E ;
Ghafoor, A .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2005, 2 (02) :157-175
[9]   Security models for Web-based applications [J].
Joshi, JBD ;
Aref, WG ;
Ghafoor, A ;
Spafford, EH .
COMMUNICATIONS OF THE ACM, 2001, 44 (02) :38-44
[10]   Using split capabilities for access control [J].
Karp, AH ;
Rozas, GJ ;
Bannerji, A ;
Gupta, R .
IEEE SOFTWARE, 2003, 20 (01) :42-+
12