Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications.
Michael DaltonChristos KozyrakisNickolai ZeldovichPublished in: USENIX Security Symposium (2009)
Keyphrases
- web applications
- access control
- security mechanisms
- dynamic access control
- identity management
- security requirements
- application development
- end users
- data security
- web services
- access control policies
- application developers
- security policies
- role based access control
- trust relationships
- operating system
- access control mechanism
- dynamic content
- user interface
- relational databases