Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SACMAT
2010
ACM
2010
ACM
An architecture for enforcing end-to-end access control over web applications
The web is now being used as a general platform for hosting distributed applications like wikis, bulletin board messaging systems and collaborative editing environments. Data from multiple applications originating at multiple sources all intermix in a single web browser, making sensitive data stored in the browser subject to a broad milieu of attacks (cross-site scripting, crosssite request forgery and others). The fundamental problem is that existing web infrastructure provides no means for enforcing end-to-end security on data. To solve this we design an architecture using mandatory access control (MAC) enforcement. We overcome the limitations of traditional MAC systems, implemented solely at the operating system layer, by unifying MAC enforcement across virtual machine, operating system, networking and application layers. We implement our architecture using Xen virtual machine management, SELinux at the operating system layer, labeled IPsec for networking and our own label-enforcin...
Real-time Traffic| Added | 30 Jan 2011 |
| Updated | 30 Jan 2011 |
| Type | Journal |
| Year | 2010 |
| Where | SACMAT |
| Authors | Boniface Hicks, Sandra Rueda, Dave King 0002, Thomas Moyer, Joshua Schiffman, Yogesh Sreenivasan, Patrick McDaniel, Trent Jaeger |
Comments (0)
Researcher Info
|
