Integrated Access Control and Intrusion Detection for Web Servers

Providence, Rhode Island May 19-May 22

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICDCS.2003.1203489

23rd IEEE International Conference on ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Tatyana Ryutov Articles by Clifford Neuman Articles by Dongho Kim Articles by Li Zhou

	ASCII Text	x
	Tatyana Ryutov, Clifford Neuman, Dongho Kim, Li Zhou, "Integrated Access Control and Intrusion Detection for Web Servers," Distributed Computing Systems, International Conference on, pp. 394, 23rd IEEE International Conference on Distributed Computing Systems (ICDCS'03), 2003.

	BibTex	x
	@article{ 10.1109/ICDCS.2003.1203489, author = {Tatyana Ryutov and Clifford Neuman and Dongho Kim and Li Zhou}, title = {Integrated Access Control and Intrusion Detection for Web Servers}, journal ={Distributed Computing Systems, International Conference on}, volume = {0}, year = {2003}, issn = {1063-6927}, pages = {394}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICDCS.2003.1203489}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Distributed Computing Systems, International Conference on TI - Integrated Access Control and Intrusion Detection for Web Servers SN - 1063-6927 SP EP A1 - Tatyana Ryutov, A1 - Clifford Neuman, A1 - Dongho Kim, A1 - Li Zhou, PY - 2003 KW - null VL - 0 JA - Distributed Computing Systems, International Conference on ER -

Tatyana Ryutov, University of Southern California

Clifford Neuman, University of Southern California

Dongho Kim, University of Southern California

Li Zhou, University of Southern California

Current intrusion detection systems work in isolation from access control for the application the systems aim to protect. The lack of coordination and inter-operation between these components prevents detecting and responding to ongoing attacks in real time, before they cause damage. To address this, we apply dynamic authorization techniques to support fine-grained access control and application level intrusion detection and response capabilities. This paper describes our experience withintegrationof the Generic Authorization and Access Control API (GAA-API) to provide dynamic intrusion detection and response for the Apache Web Server. The GAA-API is a generic interface which may be used to enable such dynamic authorization and intrusion response capabilities for many applications.

Citation:

Tatyana Ryutov, Clifford Neuman, Dongho Kim, Li Zhou, "Integrated Access Control and Intrusion Detection for Web Servers," icdcs, pp.394, 23rd IEEE International Conference on Distributed Computing Systems (ICDCS'03), 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.