Web Security and Log Management: An Application Centric Perspective

Autor:	William Okello-Odongo, Elisha Abade, Andrew M. Kahonge, Evans K. Miriti
Rok vydání:	2013
Předmět:	Cloud computing security business.industry Computer science Computer security computer.software_genre Web application security Internet security Asset (computer security) Security information and event management Security service Application security Web application business computer
Zdroj:	Journal of Information Security. :138-143
ISSN:	2153-1242 2153-1234
DOI:	10.4236/jis.2013.43016
Popis:	The World Wide Web has been an environment with many security threats and lots of reported cases of security breaches. Various tools and techniques have been applied in trying to curb this problem, however new attacks continue to plague the Internet. We discuss risks that affect web applications and explain how network-centric and host-centric techniques, as much as they are crucial in an enterprise, lack necessary depth to comprehensively analyze overall application security. The nature of web applications to span a number of servers introduces a new dimension of security requirement that calls for a holistic approach to protect the information asset regardless of its physical or logical separation of modules and tiers. We therefore classify security mechanisms as either infrastructure-centric or application-centric based on what asset is being secured. We then describe requirements for such application-centric security mechanisms.
Databáze:	OpenAIRE
Externí odkaz:	https://explore.openaire.eu/search/publication?articleId=doi_________::be843e2c8aebaf031372fa9a2d2de397 https://doi.org/10.4236/jis.2013.43016 Zobrazit plný text záznamu