Radiatus: Strong User Isolation for Scalable Web Applications
Abstract
Web applications are a frequent target of successful attacks. The damage is amplified by the fact that application code is responsible for security enforcement in most web frameworks. In this paper we design and implement Radiatus, a web framework where all application-specific computation running on the server is executed within a sandbox with the privileges of the end-user. By strongly isolating users we protect user data and service availability from application vulnerabilities. To make Radiatus practical on modern web applications, we introduce a distributed capabilities system to protect data at scale across the many distributed services that compose a modern web application. We show how this model protects applications from a large class of vulnerabilities, without compromising performance.
Publication date: 2014