Text Size
- Home
-
News
Advanced computing news from Communications of the ACM, other ACM resources, and from around the Web.
- Blogs
- Opinion
-
Browse by Subject
Recent articles from Communications organized into categories that encompass the broad scope of computing.
-
Magazine Archive
-
Careers
Jump-start your career with information on trends, opportunities and jobs – in both industry and academia.
- ACM Resources
-
Subscribe
Receive the benefits of ACM membership with a subscription to its flagship publication, Communications of the ACM.
Home » Magazine Archive » 2009 » No. 12 » Security in Dynamic Web Content Management Systems... » Abstract
Virtual extension
Security in Dynamic Web Content Management Systems Applications
The processes behind corporate efforts to create, manage, publish, and archive Web information has also evolved using Web Content Management Systems (WCMS). WCMS allow teams to maintain Web content in a dynamic fashion through a user friendly interface and a modular application approach. This dynamic "on-the-fly" content creation provides Web site authors several advantages including access to information stored in databases, ability to personalize Web pages according to individual user preferences, and the opportunity to deliver a much more interactive user experience than static Web pages alone.
11However, there are distinct disadvantages as well. Dynamically generating Web content can significantly impact Web server performance, reduce the scalability of the Web site and create security vulnerabilities or denial of service.
11Organizations are adopting information technology without understanding such security concerns.
1Moreover, as Mostefaoui
7points out, even though many attempts have been made to understand the security architecture, a generic security framework is needed. Recent research amplifies the concerns and benefits of security in open source systems.
2However, there is a need for organizations to understand how to evaluate these open source systems and this paper highlights how an evaluation technique in terms of security may be used in an organization to assess a short list of possible WMCS systems. This article focuses on security issues in WCMS and the objective is to understand the security issues as well as to provide a generic security framework.
The contributions of this paper are to:
1. Integrate the goals of security with eight dimensions of WCMS,
2. Specify how to secure the eight dimensions of WCMS,
3. Formulate a framework of security using this integrated view of security goals and security dimensions, and
4. Address the security of the Web architecture at WCMS software application level using the framework and evaluate security features in popular WCMS used in the industry.
Read the Full Article:
Tools For Readers
Text Size
Related ACM Resources
Conferences:
- LCTES 2012: Languages, Compilers, Tools, and Theory for Embedded Systems - June 12 – 13, 2012; Beijing, China
Courses:
- Word 2003: Working with Tables and Data - In this course, you will increase the complexity of your Microsoft Word 2003 documents by adding components such as customized lists, tables, and charts. You …
About Communications |
Join ACM 
|
Renew |
Subscribe |
Sign In |
For Authors |
For Advertisers |
Privacy |
Site Map |
Help |
Contact Us |
Mobile Site
Copyright © 2012 by the ACM. All rights reserved.