Toward Exploiting Access Control Vulnerabilities within MongoDB Backend Web Applications

Abstract

Access control is an extremely important and error-prone practice during web application. The emergence of NoSQL databases and the flexible data models they bring impose new challenges on the implementation of access control within web applications. This paper presents Scout, a novel methodology for discovering access control vulnerabilities in existing web… (More)
DOI: 10.1109/COMPSAC.2016.207

Topics

11 Figures and Tables

Cite this paper

@article{Wen2016TowardEA, title={Toward Exploiting Access Control Vulnerabilities within MongoDB Backend Web Applications}, author={Shuo Wen and Yuan Xue and Jing Xu and Hongji Yang and Xiaohong Li and Wenli Song and Guannan Si}, journal={2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC)}, year={2016}, volume={1}, pages={143-153} }