WebApp Sec mailing list archives

Re: web application access control research

From: "George W. Capehart" <gwc () capehassoc com>
Date: Tue, 22 Apr 2003 21:21:25 -0400

On Tuesday 22 April 2003 06:46 pm, absmith () cerias purdue edu wrote:

All,

Besides the OWASP Guide, can anyone point me to papers/articles that
deal with the issues of access control of web applications?

I am looking to do a survey paper on this topic.  Basically, I am
looking for references that talk about access control in regards to
web applications: current trends, research, tools, software, ideas,
etc.


Hello Andy,

A good source for the use of RBAC with Web applications can be found at 
http://csrc.nist.gov/rbac under the heading "RBAC for Web Servers."  
Lots of goodies (even source) there . . .

Regards,
-- 
George W. Capehart

"With sufficient thrust, pigs fly just fine . . ."
 -- RFC 1925

Current thread:

web application access control research absmith (Apr 22)
- Re: web application access control research Ray Stirbei (Apr 22)
- Re: web application access control research George W. Capehart (Apr 22)
- RE: web application access control research Gunter (Apr 23)
- Re: web application access control research Gary Gwin (Apr 23)
- Re: web application access control research Jeff Williams @ Aspect (Apr 23)
  - Re: web application access control research Ray Stirbei (Apr 23)