Business services are increasingly dependent upon Web applications. Whereas URL-based access control is one of the most prominent and pervasive security mechanism in use, failure to restrict URL accesses is still a major security risk.We argue that this risk can be mitigated by providing formal analysis tools to evaluate access control policies as well as the impact of changes on configurations.
In order to tackle this issue, this paper gives a formal semantics for access control constraints standardized in the J2EE Java Servlet Specification, arguably one of the most common framework for web applications. Two different analysis tools are developed on top of this formal building block: a decision engine and a comparison algorithm for change impact of access control configurations. The formal semantics is compared against two major web application containers. The experiments reveal non-compliant access control decisions of these containers and validate our approach.
Article court accepté à TrustBus'12. RR "version longue" bientôt à disposition.
