从Web服务器安全到Web组件安全

IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings. Pub Date : 2003-10-14 DOI:10.1109/CCST.2003.1297556

Sheng Lin

{"title":"从Web服务器安全到Web组件安全","authors":"Sheng Lin","doi":"10.1109/CCST.2003.1297556","DOIUrl":null,"url":null,"abstract":"Web servers are increasingly being adopted as a viable means to access Internet-based applications. Current solutions to secure Web servers are not comprehensive or robust enough to protect servers and applications from today's hackers. Protection profile gives us a systematic approach to examine the minimum-security requirements of a system. Therefore, we derive the Web security components that make a secure Web serve from the Web Server Protection Profile. A component-based framework as well as an open source solution is given subsequently. We believe that after the system is implemented and deployed, it functions reliably and effectively. We aim at establishing the provable reliability of construction and the feasibility of component-based solutions for the secure Web server.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"From Web server security to Web components security\",\"authors\":\"Sheng Lin\",\"doi\":\"10.1109/CCST.2003.1297556\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Web servers are increasingly being adopted as a viable means to access Internet-based applications. Current solutions to secure Web servers are not comprehensive or robust enough to protect servers and applications from today's hackers. Protection profile gives us a systematic approach to examine the minimum-security requirements of a system. Therefore, we derive the Web security components that make a secure Web serve from the Web Server Protection Profile. A component-based framework as well as an open source solution is given subsequently. We believe that after the system is implemented and deployed, it functions reliably and effectively. We aim at establishing the provable reliability of construction and the feasibility of component-based solutions for the secure Web server.\",\"PeriodicalId\":344868,\"journal\":{\"name\":\"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-10-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2003.1297556\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2003.1297556","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

越来越多的人采用Web服务器作为访问基于internet的应用程序的可行手段。当前用于保护Web服务器的解决方案不够全面，也不够健壮，无法保护服务器和应用程序免受当今黑客的攻击。保护配置文件为我们提供了一种系统的方法来检查系统的最低安全要求。因此，我们从Web服务器保护配置文件派生出构建安全Web服务的Web安全组件。随后给出了基于组件的框架和开源解决方案。我们认为，系统实施部署后，运行可靠、有效。我们的目标是为安全Web服务器建立可证明的构建可靠性和基于组件的解决方案的可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

From Web server security to Web components security

Web servers are increasingly being adopted as a viable means to access Internet-based applications. Current solutions to secure Web servers are not comprehensive or robust enough to protect servers and applications from today's hackers. Protection profile gives us a systematic approach to examine the minimum-security requirements of a system. Therefore, we derive the Web security components that make a secure Web serve from the Web Server Protection Profile. A component-based framework as well as an open source solution is given subsequently. We believe that after the system is implemented and deployed, it functions reliably and effectively. We aim at establishing the provable reliability of construction and the feasibility of component-based solutions for the secure Web server.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.

自引率

0.00%

发文量

期刊最新文献

Proxy certificates-based digital fingerprinting scheme for mobile communication Efficient method for security image data compression Design of a computer-aided system for risk assessment on information systems Contingency planning: emergency preparedness for terrorist attacks Integration of trusted operating system from open source