Nemesis: Preventing Authentication & [and] Access Control Vulnerabilities in Web Applications

This paper presents Nemesis, a novel methodology for mitigating authentication bypass and access control vulnerabilities in existing web applications. Authentication attacks occur when a web application authenticates users unsafely, granting access to web clients that lack the appropriate crede...

Full description

Bibliographic Details
Main Authors: Dalton, Michael, Kozyrakis, Christos, Zeldovich, Nickolai
Other Authors: Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory
Format: Article
Language:en_US
Published: USENIX Association 2011
Online Access:http://hdl.handle.net/1721.1/62182
https://orcid.org/0000-0003-0238-2703