Skip to Main content Skip to Navigation
Theses

Protection obligatoire des serveurs d’applications Web : application aux processus métiers

Abstract : This thesis focuses on mandatory access control in Web applications server. We present a novel approach of mandatory protection based on an abstract Web application model. Existing models of Web applications such as SOA fit with our abstract model. Our mandatory protection uses a dedicated language that allows to express the security requirements of a Web application. This dedicated protection language uses our Web application model to control efficiently the accesses of the subjects to the objects of a Web application. We establish a method to automatically compute the requested security policies facilitating thus the administration of the mandatory protection. An implementation on Microsoft-based environments uses the IIS Web server and the .Net Framework. The solution is independent from the Web applications to protect since it uses an application adaptor to interface our mandatory protection with the applications. This implementation is fully running on the workflow environments from the QualNet society, that cofunded this Ph.D thesis. Experiments show that our mandatory protection supports large scale environments since the overhead is near to 5 % and decreases when the size of the application increases.
Document type :
Theses
Complete list of metadatas

Cited literature [46 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-01069411
Contributor : Abes Star :  Contact
Submitted on : Monday, September 29, 2014 - 11:37:51 AM
Last modification on : Wednesday, November 20, 2019 - 1:42:39 AM
Long-term archiving on: : Tuesday, December 30, 2014 - 12:01:02 PM

File

maxime.fonda_3601.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01069411, version 1

Citation

Maxime Fonda. Protection obligatoire des serveurs d’applications Web : application aux processus métiers. Autre [cs.OH]. Université d'Orléans, 2014. Français. ⟨NNT : 2014ORLE2011⟩. ⟨tel-01069411⟩

Share

Metrics

Record views

529

Files downloads

3659