
Web Application Security Gateway with Java Non-blocking IO

  • Zhenxing Luo
  • Nuermaimaiti Heilili
  • Dawei XU
  • Chen Zhao
  • Zuoquan Lin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4032)

Abstract

We present the design and implementation of the WebDaemon Security Gateway (WDSG), which combines event-driven processing, non-blocking I/O multiplexing, secure cookies, SSL and caches, based on a PKI framework and a role-based access control (RBAC) policy. It not only supports massive concurrency and avoids the pitfalls of traditional blocking I/O based design, but is also able to secure all the resources of an enterprise and reduce the cost and complexity of administration.

Keywords

Access Control; Average Response Time; Access Control Policy; Cache Object; Discretionary Access Control
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Zhenxing Luo (1)
  • Nuermaimaiti Heilili (1)
  • Dawei XU (1)
  • Chen Zhao (1)
  • Zuoquan Lin (1)

  1. LMAM, Department of Information Science, Peking University, Beijing, China
