Sciweavers

Share
C3S2E
2009
ACM

A verification framework for access control in dynamic web applications

10 years 3 months ago
A verification framework for access control in dynamic web applications
This paper proposes a security analysis framework for dynamic web applications. A reverse engineering process is performed over a dynamic web application to extract a rolebased access control security model. A formal analysis is applied on the recovered model to check access control security properties. This framework can be used to verify that a dynamic web application conforms to access control polices specified by a security engineer. Categories and Subject Descriptors D.2.7 [Software Engineering]: Distribution, Maintenance, and Enhancement--reverse engineering; J.8 [Computer Applications]: Internet Applications
Manar H. Alalfi, James R. Cordy, Thomas R. Dean
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2009
Where C3S2E
Authors Manar H. Alalfi, James R. Cordy, Thomas R. Dean
Comments (0)
books