Limits: Web Servers
Unprincipled
- Not able to specifically identify resources at risk within a server ("medical records")
- Not responsible for own security; varies by OS
- Not careful in logging anomalies or for rollback
Principal identification scattered
- E.g. SSL client-auth info cannot pass up to HTTP
- Lower-layer IP source or DNS lookup spoofable
Inflexible policies
- Typically limited to user-and-password configurations