ACLs Don't

Category: Security

Tags: applications

Overview

The ACL model is unable to make correct access decisions for interactions involving more than two principals, since required information is not retained across message sends. Though this deficiency has long been documented in the published literature, it is not widely understood. This logic error in the ACL model is exploited by both the clickjacking and Cross-Site Request Forgery attacks that affect many Web applications.

Publisher: Hewlett-Packard (HP)
File Format: PDF
Date Published: May 1, 2009
Format: White Papers
Topics: Network Security, Security Management

Similar White Papers

Use these Registry settings to help lock down Windows

This sample chapter, taken from Microsoft Windows Registry Guide, Second Edition discusses how to use the registr

Publisher: TechRepublic  |  Tags: microsoft windows, network, windows server, windows xp, xp

Anonymous Proxy: A Growing Trend in Internet Abuse

Anonymous proxies are an unseen threat--a student's or employee's backdoor to malicious or productivity-sapping sites on

Publisher: Bloxx  |  Tags: database, third-generation, trend

Tivoli WebSEAL - Sizing and Capacity Planning

WebSEAL is a component of Tivoli Access Manager for e-business that provides an authentication and authorization mechani

Publisher: IBM  |  Tags: authentication, network, os, password, server

Balancing Security Against Productivity

What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending atta

Publisher: Novell  |  Tags: management, security management

A Brief History of Network Security and the Need for Host Based Intrusion Detection

This paper describes the present state of information and network security with specific concentration on Host-based Int

Publisher: Tetrad Digital Integrity (TDI)  |  Tags: network, network security

Hewlett-Packard (HP) White Papers

HP Guide To System Recovery And Restore

This white paper provides an overview of operating system recovery features available in Windows 2000 and Windows XP suc

Publisher: Hewlett-Packard (HP)  |  Tags: windows 2000, windows xp, xp

HP StorageWorks VLS EVA Gateway - Continuous Access Replication Solutions Guide

This paper demonstrates how the proven replication capabilities of the HP StorageWorks Enterprise Virtual Array (EVA) ca

Publisher: Hewlett-Packard (HP)  |  Tags: data, eva, management, real-time, sans, server

Best Practices for Configuring HP StorageWorks EVA

A driving design objective of the HP StorageWorks Enterprise Virtual Array program was to optimize real-world performanc

Publisher: Hewlett-Packard (HP)  |  Tags: eva, management, storage management, tco

Software Quality Management for SOA: Enterprise quality managers take the helm

SOA brings challenges for every part of the IT organization, and the IT quality organization is no exception. SOA requi

Publisher: Hewlett-Packard (HP)  |  Tags: management, soa

Voice over Wireless LAN Solution Brief

Let this white paper from ProCurve Networking by HP serve as your primer on Voice over Wireless LAN (VoWLAN), a solution

Publisher: Hewlett-Packard (HP)  |  Tags: ip, voip, vowlan, wan