{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:54:27Z","timestamp":1750308867090,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,6,20]],"date-time":"2012-06-20T00:00:00Z","timestamp":1340150400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,6,20]]},"DOI":"10.1145\/2295136.2295152","type":"proceedings-article","created":{"date-parts":[[2012,6,20]],"date-time":"2012-06-20T13:33:01Z","timestamp":1340199181000},"page":"71-82","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["SCUTA"],"prefix":"10.1145","author":[{"given":"Xi","family":"Tan","sequence":"first","affiliation":[{"name":"Syracuse University , Syracuse , NY, USA"}]},{"given":"Wenliang","family":"Du","sequence":"additional","affiliation":[{"name":"Syracuse University , Syracuse , NY, USA"}]},{"given":"Tongbo","family":"Luo","sequence":"additional","affiliation":[{"name":"Syracuse University , Syracuse , NY, USA"}]},{"given":"Karthick Duraisamy","family":"Soundararaj","sequence":"additional","affiliation":[{"name":"Syracuse University , Syracuse , NY, USA"}]}],"member":"320","published-online":{"date-parts":[[2012,6,20]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"J. Alpert and N. Jesse \"We knew the web was big...\" The Official Google Blog. http:\/\/googleblog.blogspot.com\/2008\/07\/we-knew-web-was-big.html 2008.  J. Alpert and N. Jesse \"We knew the web was big...\" The Official Google Blog. http:\/\/googleblog.blogspot.com\/2008\/07\/we-knew-web-was-big.html 2008."},{"key":"e_1_3_2_1_2_1","unstructured":"N. Intelligence \"Domain counts & internet statistics \" http:\/\/www.domaintools.com\/internet-statistics\/ May 2009.  N. Intelligence \"Domain counts & internet statistics \" http:\/\/www.domaintools.com\/internet-statistics\/ May 2009."},{"key":"e_1_3_2_1_3_1","volume-title":"Trends for july-december 2007 (executive summary),\" Page 1--2","author":"S. Corp.","year":"2008","unstructured":"S. Corp. , \"Symantec internet security threat report : Trends for july-december 2007 (executive summary),\" Page 1--2 , 2008 . S. Corp., \"Symantec internet security threat report: Trends for july-december 2007 (executive summary),\" Page 1--2, 2008."},{"key":"e_1_3_2_1_4_1","volume-title":"WhiteHat Security, \"Whitehat website security statistic report","year":"2010","unstructured":"WhiteHat Security, \"Whitehat website security statistic report , 10 th edition,\" 2010 . WhiteHat Security, \"Whitehat website security statistic report, 10th edition,\" 2010.","edition":"10"},{"volume-title":"http:\/\/www.w3.org\/TR\/cors\/","year":"2010","key":"e_1_3_2_1_5_1","unstructured":"\"Cross-origin resource sharing,\" URL : http:\/\/www.w3.org\/TR\/cors\/ , 2010 . \"Cross-origin resource sharing,\" URL: http:\/\/www.w3.org\/TR\/cors\/, 2010."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1135777.1135884"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1255329.1255346"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315254"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.21"},{"key":"e_1_3_2_1_10_1","volume-title":"Montreal","author":"Dalton M.","year":"2009","unstructured":"M. Dalton , C. Kozyrakis , and N. Zeldovich , \" Nemesis: Preventing authentication & access control vulnerabilities in web applications,\" in Proceedings of the Eighteenth Usenix Security Symposium (Usenix Security) , Montreal , Canada , 2009 . M. Dalton, C. Kozyrakis, and N. Zeldovich, \"Nemesis: Preventing authentication & access control vulnerabilities in web applications,\" in Proceedings of the Eighteenth Usenix Security Symposium (Usenix Security), Montreal, Canada, 2009."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2010.71"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2011.87"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/361268.361275"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242654"},{"key":"e_1_3_2_1_15_1","unstructured":"M. V. Gundy and H. Chen \"Noncespaces: Using randomization to enforce information flow tracking and thwart cross-site scripting attacks \" in Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS) San Diego CA February 2009.  M. V. Gundy and H. Chen \"Noncespaces: Using randomization to enforce information flow tracking and thwart cross-site scripting attacks \" in Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS) San Diego CA February 2009."},{"key":"e_1_3_2_1_16_1","volume-title":"Advanced PHP Programming. Sams","author":"Schlossnagle G.","year":"2004","unstructured":"G. Schlossnagle , Advanced PHP Programming. Sams , 2004 . G. Schlossnagle, Advanced PHP Programming. Sams, 2004."},{"key":"e_1_3_2_1_17_1","unstructured":"\"Noscript add-ons \" URL: https:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/noscript\/.  \"Noscript add-ons \" URL: https:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/noscript\/."},{"volume-title":"OWASP T10 - 2010 rc1.pdf","year":"2010","key":"e_1_3_2_1_18_1","unstructured":"OWASP, \"The ten most critical web application security risks,\" http:\/\/www.owasp.org\/index.php\/File : OWASP T10 - 2010 rc1.pdf , 2010 . OWASP, \"The ten most critical web application security risks,\" http:\/\/www.owasp.org\/index.php\/File: OWASP T10 - 2010 rc1.pdf, 2010."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.29"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2006.4"},{"key":"e_1_3_2_1_21_1","first-page":"1","volume-title":"Sif: enforcing confidentiality and integrity in web applications,\" in Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium","author":"Chong S.","year":"2007","unstructured":"S. Chong , K. Vikram , and A. C. Myers , \" Sif: enforcing confidentiality and integrity in web applications,\" in Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium , 2007 , pp. 1: 1 -- 1 :16. S. Chong, K. Vikram, and A. C. Myers, \"Sif: enforcing confidentiality and integrity in web applications,\" in Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, 2007, pp. 1:1--1:16."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772747"},{"key":"e_1_3_2_1_23_1","volume-title":"Joe-e: A security-oriented subset of java,\" in 17th Network and Distributed System Security Symposium","author":"Mettler A.","year":"2010","unstructured":"A. Mettler , D. Wagner , and T. Close , \" Joe-e: A security-oriented subset of java,\" in 17th Network and Distributed System Security Symposium , 2010 . A. Mettler, D. Wagner, and T. Close, \"Joe-e: A security-oriented subset of java,\" in 17th Network and Distributed System Security Symposium, 2010."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/772970.772977"},{"key":"e_1_3_2_1_25_1","first-page":"266","volume-title":"Links: Web programming without tiers,\" in Proceedings of 5th International Symposium on Formal Methods for Components and Objects (FMCO)","author":"Cooper E.","year":"2006","unstructured":"E. Cooper , S. Lindley , P. Wadler , and J. Yallop , \" Links: Web programming without tiers,\" in Proceedings of 5th International Symposium on Formal Methods for Components and Objects (FMCO) , 2006 , pp. 266 -- 296 . E. Cooper, S. Lindley, P. Wadler, and J. Yallop, \"Links: Web programming without tiers,\" in Proceedings of 5th International Symposium on Formal Methods for Components and Objects (FMCO), 2006, pp. 266--296."}],"event":{"name":"SACMAT '12: 17th ACM Symposium on Access Control Models and Technologies","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Newark New Jersey USA","acronym":"SACMAT '12"},"container-title":["Proceedings of the 17th ACM symposium on Access Control Models and Technologies"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2295136.2295152","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2295136.2295152","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T21:15:09Z","timestamp":1750281309000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2295136.2295152"}},"subtitle":["a server-side access control system for web applications"],"short-title":[],"issued":{"date-parts":[[2012,6,20]]},"references-count":25,"alternative-id":["10.1145\/2295136.2295152","10.1145\/2295136"],"URL":"https:\/\/doi.org\/10.1145\/2295136.2295152","relation":{},"subject":[],"published":{"date-parts":[[2012,6,20]]},"assertion":[{"value":"2012-06-20","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}