Migrating enterprises and business capabilities to cloud platforms like Amazon Web Services (AWS) has become increasingly common. However, securing operations, especially at large scales, can quickly intractable. Customer-side issues such as service misconfigurations, data breaches, insecure changes are prevalent. Furthermore, cloud-specific tactics techniques paired with application vulnerabil...

The proliferation of web services as self-contained web accessible programs and the idea of the Semantic Web of making information computer-interpretable enables the dynamic composition of complex services assembled from various individual services and typically distributed over the web. Following the paradigm of pervasive computing, pro-active agents are installed on mobile phones or PDAs oper...

Transformation from conventional business management systems to smart digital is a recurrent trend in the current era. This has led revolution, and this context, hardwired technologies software industry play significant role However, beginning, security remains serious issue for all levels of stakeholders. Software vulnerabilities lead intrusions that cause data breaches result disclosure sensi...

From 29th March to 3rd April 2009 the Dagstuhl Seminar 09141 Web Application Security was held in Schloss Dagstuhl Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar are put together in this paper. Links to full papers (if available) ...

The security requirements of complex multi-tier web applications have shifted from simple localized needs, such as authentication or authorization, to physically distributed but actually aggregated services, such as end-to-end data protection, non-repudiation or patient consent management. Currently, there is no support for integrating complex security services in web architectures, nor are app...