Skip to main content

Advertisement

Springer Nature Link
Log in
Menu
Find a journal Publish with us Track your research
Search
Cart
  1. Home
  2. Web Engineering
  3. Conference paper

Retrofitting Security into a Web-Based Information System

  • Conference paper
  • First Online: 01 January 2003
  • pp 301–305
  • Cite this conference paper
Web Engineering (ICWE 2003)
Retrofitting Security into a Web-Based Information System
  • David Bettencourt da Cruz6,
  • Bernhard Rumpe6 &
  • Guido Wimmel6 

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2722))

Included in the following conference series:

  • International Conference on Web Engineering

  • 809 Accesses

  • 1 Altmetric

Abstract

This paper reports on an incremental method that allows adding security mechanisms to an existing, but insecure system, such as a prototype or a legacy system. The incremental method is presented and as a showcase its application is demonstrated at the example of a Web-based information system.

Download to read the full chapter text

Chapter PDF

Similar content being viewed by others

Secura – A Model-Driven Solution for Rapid Security Configuration of Web Applications

Chapter © 2024

Evaluation and Comparison of Security Mechanisms In-Place in Various Web Server Systems

Chapter © 2019

An Essential Vigilance Analysis on Security of Web Applications

Chapter © 2022

References

  1. C. Eckert. IT-Sicherheit (in German). Oldenbourg Verlag, 2001.

    Google Scholar 

  2. R. Anderson: Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, 2001.

    Google Scholar 

  3. M. Vetterling, G. Wimmel, A. Wißpeintner. Secure Systems Development Based on the Common Criteria. 10th International Symposium on the Foundations of Software Engineering (FSE-10), 2002.

    Google Scholar 

  4. B. Boehm. A Spiral Model of Software Development and Enhancement. IEEE Computer, Vol. 21, #5, May 1988.

    Google Scholar 

  5. IABG. SEC: Using the V-Model and the ITSEC. In: Part 3 of the IABG V-Model 97, 1999. URL: http://www.v-modell.iabg.de/

    Google Scholar 

  6. Li Gong. Inside Java 2 Platform Security: Architecture, API Design, and Implementation. Addison-Wesley, 1999.

    Google Scholar 

  7. E. G. Amoroso. Fundamentals of Computer Security Technology. Prentice Hall, 1994.

    Google Scholar 

  8. J.H. Saltzer, M.D. Schroeder. The Protection of Information in Computer Systems. Proceedings of the IEEE 63,9, 1975.

    Google Scholar 

  9. D. Cruz, B. Rumpe, G. Wimmel. Retrofitting Security into a Web-based Information System. Technical report, available from: http://www4.in.tum.de/~wimmel/.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Software & Systems Engineering, Technische Universität München, 85748, Munich/Garching, Germany

    David Bettencourt da Cruz, Bernhard Rumpe & Guido Wimmel

Authors
  1. David Bettencourt da Cruz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bernhard Rumpe
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Guido Wimmel
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Oviedo, C/Calvo Sotelo S/N, 33007, Oviedo, Spain

    Juan Manuel Cueva Lovelle , Bernardo Martín González Rodríguez , Jose Emilio Labra Gayo  & María del Puerto Paule Ruiz , ,  & 

  2. Departamento de Lenguajes, Sistemas Informáticos e Ingenería del Software, Universidad Pontificia de Salamanca, Campus de Madrid, Paseo Juan XXIII, 3, 28040, Madrid, Spain

    Luis Joyanes Aguilar

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

da Cruz, D.B., Rumpe, B., Wimmel, G. (2003). Retrofitting Security into a Web-Based Information System. In: Lovelle, J.M.C., Rodríguez, B.M.G., Gayo, J.E.L., del Puerto Paule Ruiz, M., Aguilar, L.J. (eds) Web Engineering. ICWE 2003. Lecture Notes in Computer Science, vol 2722. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45068-8_58

Download citation

  • .RIS
  • .ENW
  • .BIB

  • DOI: https://doi.org/10.1007/3-540-45068-8_58

  • Published: 24 June 2003

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40522-1

  • Online ISBN: 978-3-540-45068-9

  • eBook Packages: Springer Book Archive

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Publish with us

Policies and ethics

Search

Navigation

  • Find a journal
  • Publish with us
  • Track your research

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Journal finder
  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our brands

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Discover
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support
  • Legal notice
  • Cancel contracts here

18.222.169.35

Not affiliated

Springer Nature

© 2025 Springer Nature