Wrappers - A mechanism to support state-based authorisation in Web applications

M. S. Olivier, Ehud Gudes

Research output: Contribution to journalArticlepeer-review

3 Scopus citations


The premises of this paper are (1) security is application dependent because application semantics directly influence proper protection; but (2) applications are generally too complex to be trusted to implement security as specified by the given security policy. These problems are aggravated if the application operates over time and space. This paper proposes the use of a simple program (a "wrapper") that has enough knowledge about a specific application's potential states and the actions that are permissible in each state. Using this knowledge, it is able to filter requests that should not reach an application at a given point.

Original languageEnglish
Pages (from-to)281-292
Number of pages12
JournalData and Knowledge Engineering
Issue number3
StatePublished - 1 Dec 2002


  • Access control
  • Application security
  • State-based authorisation
  • Web security
  • Wrappers

ASJC Scopus subject areas

  • Information Systems and Management


Dive into the research topics of 'Wrappers - A mechanism to support state-based authorisation in Web applications'. Together they form a unique fingerprint.

Cite this