CCS
2007
ACM

Improving multi-tier security using redundant authentication

Multi-tier web server systems are used in many important contexts and their security is a major cause of concern. Such systems can exploit strategies like least privilege to make lower tiers more secure in the presence of compromised higher tiers. In this paper, we investigate an extension of this technique in which higher tiers are required to provide evidence of the authentication of principals when they make requests of lower tiers. This concept, which we call redundant authentication, enables lower tiers to provide security guarantees that improve significantly over current least privilege strategies. We validate this technique by applying it to a practical Building Automation System (BAS) application, where we explore the use of redundant authentication in conjunction with an authentication proxy to enable interoperation with existing enterprise authentication services.

Categories and Subject Descriptors: D.4.6 [Security and Protection], J.7 [Computers in other systems], K.6.5 [S...
Jodie P. Boyer, Ragib Hasan, Lars E. Olson, Nikita
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2007
Where CCS
Authors Jodie P. Boyer, Ragib Hasan, Lars E. Olson, Nikita Borisov, Carl A. Gunter, David Raila