Using traditional and emerging access control approaches to develop secure applications for the Web.
THE RAPID PROLIFERATION of the Internet and the cost-effective growth of its key enabling technologies are revolutionizing information technology and creating unprecedented opportunities for developing large-scale distributed applications. At the same time, there is a growing concern over the security of Web-based applications, which are rapidly being deployed over the Internet. For example, e-commerce--the leading Web-based application--is projected to have a market exceeding $1 trillion over the next several years. However, this application has already become a security nightmare for both customers and business enterprises, as indicated by the recent episodes involving unauthorized access to credit card information. Other leading Web-based applications with considerable information security and privacy issues include telemedicine-based health-care services and online services or businesses involving both public and private sectors. Many of these applications are supported by workflow management systems (WFMSs). A large number of public and private enterprises are at the forefront of adopting Internet-based WFMSs and finding ways to improve their services and decision-making processes; hence we are faced with the daunting challenge of ensuring the security and privacy of information in such Web-based applications.
Typically, a Web-based application can be represented as a three-tier architecture, depicted in the figure, which includes a Web client, network servers, and a back-end information system supported by a suite of databases. For transaction-oriented applications, such as e-commerce, middleware is usually provided between the network servers and back-end systems to ensure proper interoperability. Considerable security challenges and vulnerabilities exist within each component of this architecture. Existing public-key infrastructures (PKIs) provide encryption mechanisms for ensuring information confidentiality, as well as digital signature techniques for authentication, data integrity and non-repudiation. As no access authorization services are provided in this approach, it has a rather limited scope for Web-based applications.
The strong need for information security on the Internet is attributable to several factors, including the massive interconnection of heterogeneous and distributed systems, the availability of high volumes of sensitive information at the end systems maintained by corporations and government agencies, easy distribution of automated malicious software by malfeasors, the ease with which computer crimes can be committed anonymously from across geographic boundaries, and the lack of forensic evidence in computer crimes, which makes the detection and prosecution of criminals extremely difficult.
Two classes of services are crucial for a secure Internet infrastructure: access control services and communication security services. Access control services protect Internet resources from unauthorized use, whereas communication security services ensure confidentiality and integrity of data transmitted over the network, in addition to nonrepudiation of services to the communicating entities. An important prerequisite for access control is user authentication, the process that establishes the identity of a user. In the context of the Internet, we assume authentication is handled by the communication security services.
Security in the Web Environment
End users are exposed to several security and privacy risks when using Web browsers, and browser vulnerabilities can result in compromising the security of a Web client. Information about a user such as login name or machine name can be collected and used to profile the user, thus raising serious privacy concerns. Cookies, the data stored on the client's machine and exchanged between the Web client and the Web server to maintain connection information, can be used for the purpose of gathering such information. A further source of vulnerability at the client site comes from the use of executable content on the Web, such as Java applets, ActiveX controls, and the like. The recent improvement in JDK 1.2, which allows signed applets, requires the client to configure a security policy governing what downloadable applets may do. Many sites also use push technology to deliver Web content to clients. This process can result in serious security breaches, as the content provider can exploit browser vulnerabilities by sending malicious executable code or by overwhelming the system by pushing a high volume of information.
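As an added illustration of the JDK 1.2 client-side policy requirement mentioned above (an example written for this page, not taken from the original article), the following Java security policy file grants a signed applet only the permissions it needs; the keystore location, signer alias, code base URL and directory paths are assumed for the example.

```java
// Keystore holding the public-key certificate of the trusted applet signer.
// The keystore path and the alias "vendorsigner" are assumed for this example.
keystore "file:${user.home}/.keystore";

// Least-privilege grant: applies only to code that is BOTH signed by the
// trusted key AND loaded from the expected code base.
grant signedBy "vendorsigner", codeBase "https://applets.example.test/orders/*" {
    // Read/write only within a dedicated directory, not the whole file system
    permission java.io.FilePermission "${user.home}/applet-data/-", "read,write";
    // Connect back only to the originating server over HTTPS
    permission java.net.SocketPermission "applets.example.test:443", "connect";
    // Read a single system property instead of all of them
    permission java.util.PropertyPermission "user.home", "read";
};

// Overly broad grant to avoid: AllPermission gives the applet the same rights
// as locally installed code, so a single browser vulnerability or a stolen
// signing key yields full control of the client. Grants are also cumulative,
// so a second grant on the same code base without a signedBy clause would
// extend to unsigned code served from that location as well.
// grant signedBy "vendorsigner" {
//     permission java.security.AllPermission;
// };
```

The file is loaded by the applet viewer or browser plug-in through the standard java.security.policy property; a grant with both clauses matches only when the signer and the code base both match.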
Network servers are the places where most network services are located, such as the Web server, the mail server, and so forth. Firewall technology has become the most popular defense for …