{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T20:24:06Z","timestamp":1743020646404,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":44,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540897613"},{"type":"electronic","value":"9783540897620"}],"license":[{"start":{"date-parts":[[2008,1,1]],"date-time":"2008-01-01T00:00:00Z","timestamp":1199145600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008]]},"DOI":"10.1007\/978-3-540-89762-0_9","type":"book-chapter","created":{"date-parts":[[2008,11,26]],"date-time":"2008-11-26T13:21:02Z","timestamp":1227705662000},"page":"254-276","source":"Crossref","is-referenced-by-count":1,"title":["Security in Distributed Applications"],"prefix":"10.1007","author":[{"given":"Dieter","family":"Gollmann","sequence":"first","affiliation":[]}],"member":"297","reference":[{"issue":"4","key":"9_CR1","doi-asserted-by":"publisher","first-page":"706","DOI":"10.1145\/155183.155225","volume":"15","author":"M. Abadi","year":"1993","unstructured":"Abadi, M., Burrows, M., Lampson, B., Plotkin, G.: A calculus for access control in distributed systems. ACM Transactions on Programming Languages and Systems\u00a015(4), 706\u2013734 (1993)","journal-title":"ACM Transactions on Programming Languages and Systems"},{"key":"9_CR2","unstructured":"Anderson, J.: Computer security technology planning study. Technical Report 73-51, U.S. Air Force Electronic Systems Technical Report (October 1972)"},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Aura, T., Roe, M., Arkko, J.: Security of Internet location management. In: Proceedings of the 18th Annual Computer Security Applications Conference, pp. 78\u201387 (December 2002)","DOI":"10.1109\/CSAC.2002.1176281"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the art of virtualization. In: Proceedings of the nineteenth ACM symposium on Operating systems principles, pp. 164\u2013177 (2003)","DOI":"10.1145\/945445.945462"},{"key":"9_CR5","unstructured":"Bell, D.E., LaPadula, L.J.: Secure computer systems: Mathematical foundations and model. Technical Report M74-244, The MITRE Corporation, Bedford, MA (May 1973)"},{"key":"9_CR6","doi-asserted-by":"crossref","unstructured":"Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote Trust-Management System Version 2, RFC 2704 (September 1999)","DOI":"10.17487\/rfc2704"},{"key":"9_CR7","doi-asserted-by":"crossref","unstructured":"Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 164\u2013173.","DOI":"10.1109\/SECPRI.1996.502679"},{"key":"9_CR8","unstructured":"Burns, J.: Cross site reference forgery. Technical report, Information Security Partners, LLC, Version 1.1 (2005)"},{"key":"9_CR9","unstructured":"CERT Coordination Center. Malicious HTML tags embedded in client web requests (2000), http:\/\/www.cert.org\/advisories\/CA-2000-02.html"},{"key":"9_CR10","unstructured":"Chess, B., O\u2019Neil, Y.T., West, J.: JavaScript hijacking. Technical report, Fortify Software (2007)"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Clark, D.R., Wilson, D.R.: A comparison of commercial and military computer security policies. In: Proceedings of the 1987 IEEE Symposium on Security and Privacy, pp. 184\u2013194 (1987)","DOI":"10.1109\/SP.1987.10001"},{"key":"9_CR12","doi-asserted-by":"crossref","unstructured":"Dean, D., Felten, E.W., Wallach, D.S.: Java security: from HotJava to Netscape and beyond. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 190\u2013200 (1996)","DOI":"10.1109\/SECPRI.1996.502681"},{"key":"9_CR13","volume-title":"Cryptography and Security","author":"D.E. Denning","year":"1982","unstructured":"Denning, D.E.: Cryptography and Security. Addison-Wesley, Reading (1982)"},{"key":"9_CR14","unstructured":"Dierks, T., Rescorla, E.: The TLS protocol \u2013 version 1.1, RFC 4346 (April 2006)"},{"issue":"2","key":"9_CR15","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","volume":"29","author":"D. Dolev","year":"1983","unstructured":"Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Transactions on Information Theory\u00a0IT-29(2), 198\u2013208 (1983)","journal-title":"IEEE Transactions on Information Theory"},{"issue":"7","key":"9_CR16","doi-asserted-by":"publisher","first-page":"403","DOI":"10.1145\/361011.361070","volume":"17","author":"R.S. Fabry","year":"1974","unstructured":"Fabry, R.S.: Capability-based addressing. Communications of the ACM\u00a017(7), 403\u2013412 (1974)","journal-title":"Communications of the ACM"},{"key":"9_CR17","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1007\/3-540-49135-X_7","volume-title":"Security Protocols","author":"J. Feigenbaum","year":"1999","unstructured":"Feigenbaum, J.: Overview of the ATampT Labs Trust-Management Project. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998, vol.\u00a01550, pp. 45\u201350. Springer, Heidelberg (1999)"},{"key":"9_CR18","unstructured":"Organisation for\u00a0Economic Co-operation and Development. OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (December 1980) (republished, February 2002)"},{"key":"9_CR19","unstructured":"Gasser, M.: The role of naming in secure distributed systems. In: Proceedings of the CS 1990 Symposium on Computer Security, Rome, Italy, pp. 97\u2013109 (November 1990)"},{"key":"9_CR20","unstructured":"Gasser, M., Goldstein, A., Kaufman, C., Lampson, B.: The Digital distributed system security architecture. In: Proceedings of the 1989 National Computer Security Conference (1989)"},{"issue":"1","key":"9_CR21","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1109\/JSAC.2002.806132","volume":"21","author":"D. Gollmann","year":"2003","unstructured":"Gollmann, D.: Authentication by correspondence. IEEE Journal on Selected Areas in Communications\u00a021(1), 88\u201395 (2003)","journal-title":"IEEE Journal on Selected Areas in Communications"},{"issue":"3","key":"9_CR22","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1016\/j.entcs.2005.09.044","volume":"157","author":"D. Gollmann","year":"2006","unstructured":"Gollmann, D.: Why trust is bad for security. Electronic Notes on Theoretical Computer Science\u00a0157(3), 3\u20139 (2006)","journal-title":"Electronic Notes on Theoretical Computer Science"},{"key":"9_CR23","volume-title":"Inside Java 2 Platform Security","author":"L. Gong","year":"1999","unstructured":"Gong, L.: Inside Java 2 Platform Security. Addison-Wesley, Reading (1999)"},{"key":"9_CR24","volume-title":"The protection of computer software - its technology and applications","year":"1992","unstructured":"Grover, D. (ed.): The protection of computer software - its technology and applications, 2nd edn. Cambridge University Press, Cambridge (1992)","edition":"2"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Jackson, C., Barth, A., Bortz, A., Shao, W., Boneh, D.: Protecting browsers from DNS rebinding attacks. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 421\u2013431 (2007)","DOI":"10.1145\/1315245.1315298"},{"key":"9_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"444","DOI":"10.1007\/11863908_27","volume-title":"Computer Security \u2013 ESORICS 2006","author":"M. Johns","year":"2006","unstructured":"Johns, M.: SessionSafe: Implementing XSS immune session handling. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol.\u00a04189, pp. 444\u2013460. Springer, Heidelberg (2006)"},{"key":"9_CR27","unstructured":"Johns, M.: (Somewhat) breaking the same-origin policy by undermining DNS pinning. Posting to the Bug Traq Mailinglist (August 2006), http:\/\/www.securityfocus.com\/archive\/107\/443429\/30\/180\/threaded"},{"key":"9_CR28","unstructured":"Johns, M., Winter, J.: RequestRodeo: Client side protection against session riding. In: Piessens, F. (ed.) Proceedings of the OWASP Europe 2006 Conference,Departement Computerwetenschappen, Katholieke Universiteit Leuven, Report CW448, May 2006, pp. 5\u201317 (2006)"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Johnson, D., Perkins, C., Arkko, J.: Mobility Support in IPv6. RFC\u00a03775 (June 2004)","DOI":"10.17487\/rfc3775"},{"key":"9_CR30","doi-asserted-by":"crossref","unstructured":"Kent, S., Seo, K.: Security architecture for the Internet protocol, RFC 4301 (December 2005)","DOI":"10.17487\/rfc4301"},{"key":"9_CR31","volume-title":"NET Framework Security","author":"B.A.L. Macchia","year":"2002","unstructured":"Macchia, B.A.L., Lange, S., Lyons, M., Martin, R., Price, K.T.: .NET Framework Security. Addison-Wesley, Reading (2002)"},{"issue":"4","key":"9_CR32","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1145\/138873.138874","volume":"10","author":"B. Lampson","year":"1992","unstructured":"Lampson, B., Abadi, M., Burrows, M., Wobber, E.: Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems\u00a010(4), 265\u2013310 (1992)","journal-title":"ACM Transactions on Computer Systems"},{"key":"9_CR33","unstructured":"H\u00e9garet, P.L., Whitmer, R., Wood , L.: Document object model (DOM). W3C Recommendation (January 2005), http:\/\/www.w3.org\/DOM\/"},{"key":"9_CR34","unstructured":"Lessig, L.: Code and other laws of cyberspace. Basic Books (1999)"},{"key":"9_CR35","doi-asserted-by":"publisher","first-page":"993","DOI":"10.1145\/359657.359659","volume":"21","author":"R.M. Needham","year":"1978","unstructured":"Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Communications of the ACM\u00a021, 993\u2013999 (1978)","journal-title":"Communications of the ACM"},{"key":"9_CR36","doi-asserted-by":"crossref","unstructured":"Neumann, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos Network Authentication Service (V5), Internet RFC 4120 (July 2005)","DOI":"10.17487\/rfc4120"},{"key":"9_CR37","unstructured":"One, A.: Smashing the stack for fun and profit. Phrack Magazine, 49 (1996)"},{"key":"9_CR38","volume-title":"The Multics System: An Examination of Its Structure","author":"E.I. Organick","year":"1972","unstructured":"Organick, E.I.: The Multics System: An Examination of Its Structure. MIT Press, Cambridge (1972)"},{"key":"9_CR39","unstructured":"Qumranet. KVM - kernel-based virtualization machine. White Paper (2006)"},{"key":"9_CR40","unstructured":"Rivest, R., Lampson, B.: SDSI \u2013 a Simple Distributed Security Infrastructure. Technical report (1996), http:\/\/theory.lcs.mit.edu\/~cis\/sdsi.html"},{"key":"9_CR41","unstructured":"Roskind, J.: Attacks against the Netscape browser. In: RSA Conference (April 2001)"},{"key":"9_CR42","unstructured":"Steiner, J.G., Neuman, C., Schiller, J.I.: Kerberos: An authentication service for open network systems. In: Proceedings of the Winter 1988 Usenix Conference (February 1988)"},{"key":"9_CR43","unstructured":"U.S. Department of Commerce, National Bureau of Standards. Data Encryption Standard, NBS FIPS PUB 46 (January 1977)"},{"key":"9_CR44","unstructured":"van Kesteren, A.: Access control for cross-site requests. W3C Working Draft (February 2008), http:\/\/www.w3.org\/TR\/access-control\/"}],"container-title":["Lecture Notes in Computer Science","Advances in Software Engineering"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-89762-0_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,15]],"date-time":"2019-05-15T15:28:01Z","timestamp":1557934081000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-89762-0_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008]]},"ISBN":["9783540897613","9783540897620"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-89762-0_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2008]]}}}