TY - GEN
T1 - Users tracking and roles mining in web-based applications
AU - Gonen, Yaron
PY - 2011/1/1
Y1 - 2011/1/1
N2 - When a database is accessed via a web application, web-users do not connect directly to the database, but rather via the web application. From a database point of view, such a connection is always established by the same db-user (i.e. the web application's db-user) and specific data on the web-user is not available to the database. As a consequence, web-users' specific data cannot be audited and fine-grained access control cannot be implemented. We propose a method that provides the ability to track the web-users in web databases. The new method can be applied to legacy web applications without requiring any changes in their existing infrastructure. Using the tracked database, we propose a method to identify logical sessions (business logic), which we will use to mine the true users-roles of the web application.
AB - When a database is accessed via a web application, web-users do not connect directly to the database, but rather via the web application. From a database point of view, such a connection is always established by the same db-user (i.e. the web application's db-user) and specific data on the web-user is not available to the database. As a consequence, web-users' specific data cannot be audited and fine-grained access control cannot be implemented. We propose a method that provides the ability to track the web-users in web databases. The new method can be applied to legacy web applications without requiring any changes in their existing infrastructure. Using the tracked database, we propose a method to identify logical sessions (business logic), which we will use to mine the true users-roles of the web application.
UR - http://www.scopus.com/inward/record.url?scp=79955773054&partnerID=8YFLogxK
U2 - 10.1145/1966874.1966877
DO - 10.1145/1966874.1966877
M3 - Conference contribution
AN - SCOPUS:79955773054
SN - 9781450306966
T3 - ACM International Conference Proceeding Series
SP - 14
EP - 18
BT - Proceedings - Joint EDBT/ICDT PhD Workshop 2011, PhD'11
PB - Association for Computing Machinery
T2 - Joint EDBT/ICDT Ph.D. Workshop 2011, PhD'11, Held in Conjunction with the 14th International Conference on Extending Database Technology, EDBT 2011 and the 14th International Conference on Database Theory, ICDT 2011
Y2 - 25 March 2011 through 25 March 2011
ER -