Gritzalis et al., 1997 - Google Patents
Addressing threats and security issues in World Wide Web technologyGritzalis et al., 1997
View PDF- Document ID
- 12618417687193894808
- Author
- Gritzalis S
- Spinellis D
- Publication year
- Publication venue
- Communications and Multimedia Security: Volume 3
External Links
Snippet
We outline the Web technologies and the related threats within the framework of a Web threat environment. We also examine the issue surrounding dowloadable executable content and present a number of security services that can be used for Web uansactions …
- 238000005516 engineering process 0 title description 14
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation, e.g. computer aided management of electronic mail or groupware; Time management, e.g. calendars, reminders, meetings or time accounting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management, e.g. organising, planning, scheduling or allocating time, human or machine resources; Enterprise planning; Organisational models
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7627896B2 (en) | Security system providing methodology for cooperative enforcement of security policies during SSL sessions | |
| US7437550B2 (en) | System for providing session-based network privacy, private, persistent storage, and discretionary access control for sharing private data | |
| US20040064710A1 (en) | Document security system that permits external users to gain access to secured files | |
| US20020046350A1 (en) | Method and system for establishing an audit trail to protect objects distributed over a network | |
| US20110173443A1 (en) | Secure extranet server | |
| US20030051172A1 (en) | Method and system for protecting digital objects distributed over a network | |
| Moradian | Possible attacks on XML web services | |
| US20030237005A1 (en) | Method and system for protecting digital objects distributed over a network by electronic mail | |
| WO2003079629A1 (en) | Secured web entry server | |
| WO2002023798A1 (en) | System for protecting objects distributed over a network | |
| Gritzalis et al. | Addressing threats and security issues in World Wide Web technology | |
| Chadwick | Threat modelling for active directory | |
| Kuyoro et al. | Security issues in web services | |
| Spinellis | Addressing Threats and Security Issues in World Wide Web Technology | |
| Foo et al. | Security considerations in the delivery of Web‐based applications: a case study | |
| Maler et al. | Security and privacy considerations for the oasis security assertion markup language (saml) v2. 0 | |
| Kumar et al. | Realization of threats and countermeasure in Semantic Web services | |
| Siddiqui et al. | Secure E-business transactions by securing web services | |
| Holtkamp | The role of XML firewalls for web services | |
| Kossakowski et al. | Securing public web servers | |
| Broekman | End-to-end application security using trusted computing | |
| Sedaghat | Web authenticity | |
| Burghard | CovertNet: Circumventing Web Surveillance Using Covert Channels | |
| Van Jaarsveld | Internal Control with Specific Reference to the Intranet | |
| Hodges et al. | Security and privacy considerations for the oasis security assertion markup language (saml) |