WebApp Sec mailing list archives
Re: web application access control research
From: Gary Gwin <websec () cafesoft com>
Date: Wed, 23 Apr 2003 08:49:06 -0700
Andy,The following links reference a conceptual and object model for an Access Control Service, which is modeled based upon SAML and other modern access control concepts (e.g., security domains, policy decision points, policy enforcement points, etc.). Some XML configuration examples for defining rules and permissions are also provided.
http://www.cafesoft.com/products/cams/docs/admin/AccessControlServices.html Also of use is the architectual introduction: http://www.cafesoft.com/products/cams/docs/admin/Introduction.html Gary absmith () cerias purdue edu wrote:
All,Besides the OWASP Guide, can anyone point me to papers/articles that deal with the issues of access control of web applications?I am looking to do a survey paper on this topic. Basically, I am looking for references that talk about access control in regards to web applications: current trends, research, tools, software, ideas, etc.Any help would be great. Thanks in advance! - Andy
-- Gary Gwin http://www.cafesoft.com ***************************************************************** * * * The Cafesoft Access Management System, Cams, is security * * software that provides single sign-on authentication and * * centralized access control for Apache, Tomcat, and custom * * resources. * * * *****************************************************************
Current thread:
- web application access control research absmith (Apr 22)
- Re: web application access control research Ray Stirbei (Apr 22)
- Re: web application access control research George W. Capehart (Apr 22)
- RE: web application access control research Gunter (Apr 23)
- Re: web application access control research Gary Gwin (Apr 23)
- Re: web application access control research Jeff Williams @ Aspect (Apr 23)
- Re: web application access control research Ray Stirbei (Apr 23)