All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Fine Grained Access Rights Definition in a Three Tiered Information System

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216208%3A11320%2F08%3A10084062" target="_blank" >RIV/00216208:11320/08:10084062 - isvavai.cz</a>

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Fine Grained Access Rights Definition in a Three Tiered Information System

  • Original language description

    Three-tiered information systems often use application-level authentication and authorization schemes. In these architectures, successful attacks to the application server layer offer the attacker unlimited access to the database. The proposed solution to this problem is based on a set of views employing session-scope data to determine the effective user rights. These views are generated from formal description of user and group access rights rules using a XSLT-based generator. In this system, an attacker would see only empty views even in the case he gained full access to the application server. Such a system was successfully implemented and deployed to a large DataPile system with more than 50,000 users with different access rights.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    JC - Computer hardware and software

  • OECD FORD branch

Result continuities

  • Project

    <a href="/en/project/1ET100300419" target="_blank" >1ET100300419: Intelligent Models, Algorithms, Methods and Tools for the Semantic Web (realization)</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>Z - Vyzkumny zamer (s odkazem do CEZ)

Others

  • Publication year

    2008

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    5th International Conference on Innovations in Information Technology

  • ISBN

    978-1-4244-3396-4

  • ISSN

  • e-ISSN

  • Number of pages

    5

  • Pages from-to

  • Publisher name

    IEEE Communication Society

  • Place of publication

    Los Alamitos, California

  • Event location

    Al Ain, U ARAB EMIRATES

  • Event date

    Dec 16, 2008

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    000274017600081

Similar results(10)

Web-based penetration test system and its impact on SIP serverDialogue-based picture generatorDatabase system for patient registration