Automated black-box detection of access control vulnerabilities in web applications.
Xiaowei Li, Xujie Si, Yuan Xue
Published in: CODASPY (2014)
Keyphrases
- web applications
- access control
- black box
- security mechanisms
- dynamic access control
- data security
- web services
- security policies
- application development
- end users
- application developers
- role based access control
- security requirements
- access control policies
- information security
- anomaly detection
- integration testing
- test cases
- database security
- security issues
- case study