Title: Middleware support for complex and distributed security services in multi-tier web applications
Authors: De Ryck, Philippe ×
Desmet, Lieven
Joosen, Wouter #
Issue Date: Feb-2011
Publisher: Springer
Series Title: Lecture Notes in Computer Science vol:6542 pages:114-127
Conference: Engineering Secure Software And Systems edition:2 location:Madrid, Spain date:9-10 February 2011
Abstract: The security requirements of complex multi-tier web appli-
cations have shifted from simple localized needs, such as authentication
or authorization, to physically distributed but actually aggregated ser-
vices, such as end-to-end data protection, non-repudiation or patient
consent management. Currently, there is no support for integrating com-
plex security services in web architectures, nor are approaches from other
architectural models easily portable. In this paper we present the archi-
tecture of a security middleware, aimed at providing a reusable solution
bringing support for complex security requirements into the application
architecture, while addressing typical web architecture challenges, such
as the tiered model or the lack of sophisticated client-side logic. We both
evaluate the security of the middleware and present a case study and
prototype implementation, which show how the complexities of a web
architecture can be dealt with while limiting the integration effort.
ISSN: 0302-9743
Publication status: published
KU Leuven publication type: IC
Appears in Collections:Informatics Section
× corresponding author
# (joint) last author

Files in This Item:
File Description Status SizeFormat
fulltext.pdfMain Article Published 271KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.

© Web of science