Access Restriction

Author Parno, B. ♦ McCune, J.M. ♦ Wendlandt, D. ♦ Andersen, D.G. ♦ Perrig, A.
Source IEEE Xplore Digital Library
Content type Text
Publisher Institute of Electrical and Electronics Engineers, Inc. (IEEE)
File Format PDF
Copyright Year ©2009
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Subject Keyword Clamps ♦ Large-scale systems ♦ Web server ♦ Operating systems ♦ Lamps ♦ Application software ♦ Programming profession ♦ Data security ♦ Service oriented architecture ♦ Protection
Abstract Providing online access to sensitive data makes web servers lucrative targets for attackers. A compromise of any of the web server's scripts, applications, or operating system can leak the sensitive data of millions of customers. Unfortunately, many systems for stopping data leaks require considerable effort from application developers, hindering their adoption.In this work, we investigate how such leaks can be prevented with minimal developer effort. We propose CLAMP, an architecture for preventing data leaks even in the presence of web server compromises or SQL injection attacks. CLAMP protects sensitive data by enforcing strong access control on user data and by isolating code running on behalf of different users. By focusing on minimizing developer effort, we arrive at an architecture that allows developers to use familiar operating systems, servers, and scripting languages, while making relatively few changes to application code -- less than 50 lines in our applications.
ISBN 9780769536330
ISSN 10816011
Educational Role Student ♦ Teacher
Age Range above 22 year
Educational Use Research ♦ Reading
Education Level UG and PG
Learning Resource Type Article
Publisher Date 2009-05-17
Publisher Place USA
Rights Holder Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Size (in Bytes) 296.91 kB
Page Count 16
Starting Page 154
Ending Page 169

Source: IEEE Xplore Digital Library