This paper deals with a joint use of a trust evaluation approach and access control mechanisms for improving security in Web-usage. Trust evaluation is achieved by means of both be...
Luiz Fernando Rust C. Carmo, Breno G. de Oliveira,...
Taint analysis, a form of information-flow analysis, establishes whether values from untrusted methods and parameters may flow into security-sensitive operations. Taint analysis...
Omer Tripp, Marco Pistoia, Stephen J. Fink, Manu S...
Mashups are new Web 2.0 applications that seamlessly combine contents from multiple heterogeneous data sources into one integrated browser environment. The hallmark of these appli...
We present a technique for finding security vulnerabilities in Web applications. SQL Injection (SQLI) and crosssite scripting (XSS) attacks are widespread forms of attack in whic...
Adam Kiezun, Philip J. Guo, Karthick Jayaraman, Mi...
Cross-site scripting (XSS) is an attack against web applications in which scripting code is injected into the output of an application that is then sent to a user’s web browser....
Philipp Vogt, Florian Nentwich, Nenad Jovanovic, E...