Title :
Securing multi-tiered web applications
Author :
Mathew, George ; Du, Xiaojiang
Author_Institution :
Dept. of Comput. & Inf. Sci., Temple Univ., Philadelphia, PA, USA
Abstract :
Multi-tiered architecture is very common in today´s enterprise web applications. It is necessary to secure channels in each tier in order to secure a multi-tiered web application. For a non-HTTP based channel, there are several options to secure the channel. These security options have been used in a number of applications. However, it is not clear which option has better performance (such as delay, security strength, etc). In our research, we conducted real-network experiments to study the performances of several popular security protocols that are being used for securing multi-tiered web applications. Our experimental results provide several useful insights and guidelines for the design and deployment of secure multi-tiered web application.
Keywords :
Application software; Authentication; Communication channels; Communication system security; Containers; Cryptography; Data security; Logic; Protocols; Service oriented architecture; Security; multi-tiered applications; web applications;
Conference_Titel :
Wireless Communications, Networking and Information Security (WCNIS), 2010 IEEE International Conference on
Conference_Location :
Beijing, China
Print_ISBN :
978-1-4244-5850-9
DOI :
10.1109/WCINS.2010.5541830
