This paper provides directions f o r web and ecommerce applications security. In particular, access contra1 policies, workflow security, X M L security arid federated database security issues pertaining to the web and e-commerce applications are discussed.

We take a look into the REST architectural style of making scalable web applications and find out the critical requirements that mismatch with the current web security and privacy architecture. One of the core challenges is the inability of the web security model to scale up with caching when millions of users share confidential data inside communities. Our contribution includes a new solution ...

Web applications that require higher levels of security have various security options that can be deployed on the server. However providing security on the client consuming the service remains a challenge especially when the application runs in a web browser. While various types of security hardware can work with the user's computer, there is no convenient way for web applications to access suc...

The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether the "user" is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web serv...