, GuardRails: A Data-Centric Web Application Security Framework, Proceedings of the 2nd USENIX Conference on Web Application Development, 2011.
, Fine Grained Authorization Through Predicated Grants, 2007 IEEE 23rd International Conference on Data Engineering, 2007.
DOI : 10.1109/ICDE.2007.368976
, Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications, Proceedings of the 18th USENIX Security Symposium, 2009.
, Diesel, Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS '11, 2011.
DOI : 10.1145/1966913.1966971
, CLAMP: Practical Prevention of Large-Scale Data Leaks, 2009 30th IEEE Symposium on Security and Privacy, 2009.
DOI : 10.1109/SP.2009.21
, Extending query rewriting techniques for fine-grained access control, Proceedings of the 2004 ACM SIGMOD international conference on Management of data , SIGMOD '04, 2004.
DOI : 10.1145/1007568.1007631
URL : http://dspace.library.iitb.ac.in/xmlui/bitstream/10054/1550/3/0706584321.pdf
, Fine-grained access control to web databases, Proceedings of the 12th ACM symposium on Access control models and technologies , SACMAT '07, 2007.
DOI : 10.1145/1266840.1266846
URL : http://www.sis.pitt.edu/jjoshi/courses/IS2620/Spring09/Roichman.pdf
, RoleCast: Finding Missing Security Checks When You Do Not Know What Checks Are, Proceedings of the 2011 ACM Conference on Object Oriented Programming Systems Languages and Applications, 2011.
, Fix Me Up: Repairing Access-Control Bugs in Web Applications, Proceedings of the 10th USENIX Symposium on Networked Systems Design and Implementation, 2013.
, SCUTA, Proceedings of the 17th ACM symposium on Access Control Models and Technologies, SACMAT '12, 2012.
DOI : 10.1145/2295136.2295152