Wrappers – A Mechanism to Support State-Based Authorization in Web Applications
The first premise of this paper is that security should ultimately be associated with an application because application semantics have a direct influence on proper protection. The second premise is that applications are generally too complex to be trusted to implement security as specified by the given security policy. These problems are aggravated if the application operates over normal time and space constraints: the best example of such applications is workflow systems where various actors — possibly from multiple organisations — interact on long transactions to complete a given task.
The solution presented in this paper is an approach referred to as wrappers: a wrapper is a simple program that has enough knowledge about a specific application’s potential states and the actions that are permissible in each state. Using this knowledge, it is able to filter requests that should not reach an application at a given point. It is important to note that wrappers are not intended to subsume the security functionality of an application, but serve as an additional check.
The paper presents its concepts in a World-wide Web environment that renders it immediately useful.
Keywords: Security Policy, Authentication Server, Application Security, Login Request, Database Security
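The following sketch illustrates the wrapper idea described in the abstract: a small filter that knows the application's states and the actions permitted in each, and rejects requests that should not reach the application at that point. It is an added example, not code from the paper; the workflow table, the action names, the `Wrapper` class and the `demo_application` stub are all assumptions made for illustration.

```python
# Added illustration: a state-based request filter ("wrapper") in front of a
# web application. Workflow, action names and the app stub are assumptions.

# Constructed workflow: state -> {permitted action: next state}
WORKFLOW = {
    "draft":     {"edit": "draft", "submit": "submitted"},
    "submitted": {"approve": "approved", "reject": "draft"},
    "approved":  {"pay": "paid"},
    "paid":      {},
}

class Wrapper:
    """Filters requests by the current state of each workflow case."""

    def __init__(self, application, workflow, initial="draft"):
        self.app = application
        self.workflow = workflow
        self.initial = initial
        self.state = {}  # case id -> current state

    def handle(self, case_id, action, payload=None):
        current = self.state.get(case_id, self.initial)
        permitted = self.workflow.get(current, {})  # unknown state: deny all
        if action not in permitted:
            # The request never reaches the application.
            return 403, f"'{action}' not permitted in state '{current}'"
        status, body = self.app(case_id, action, payload)
        if status == 200:
            # Advance only when the application accepted the request; the
            # application's own checks stay in force (additional check only).
            self.state[case_id] = permitted[action]
        return status, body

def demo_application(case_id, action, payload):
    """Hypothetical application stub with its own authorization rule."""
    if action == "approve" and (payload or {}).get("role") != "manager":
        return 403, "application: approver must be a manager"
    return 200, f"application: {action} done for {case_id}"

def run_demo():
    w = Wrapper(demo_application, WORKFLOW)
    return [
        w.handle("po-1", "pay"),                         # blocked: still draft
        w.handle("po-1", "submit"),
        w.handle("po-1", "approve", {"role": "clerk"}),  # app refuses, state kept
        w.handle("po-1", "approve", {"role": "manager"}),
        w.handle("po-1", "pay"),
        w.handle("po-1", "pay"),                         # blocked: already paid
    ]
```

The wrapper holds only the state table and the per-case state, so it stays small enough to review, while the application keeps its own role check.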