• WEB SECURITY

Treffer: WEB SECURITY

Title:
WEB SECURITY
Authors:
Oriana Kondakciu
Contributors:
The Pennsylvania State University CiteSeerX Archives
Source:
http://www4.ncsu.edu/~kksivara/sfwr4c03/projects/4c03projects/OKondakciu-Project.pdf.
Collection:
CiteSeerX
Subject Terms:
applications include SQL Injection, Variable manipulation, Cross Site Scripting
Document Type:
Fachzeitschrift text
File Description:
application/pdf
Language:
English
Relation:
http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.149.5450
Availability:
http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.149.5450
http://www4.ncsu.edu/~kksivara/sfwr4c03/projects/4c03projects/OKondakciu-Project.pdf
Rights:
Metadata may be used without restrictions as long as the oai identifier remains attached to it.
Accession Number:
edsbas.FD0E3108
Database:
BASE

Weitere Informationen

Software Engineering 4C03 ProjectThe Internet is a collection of networks, in which the web servers construct autonomous systems. The data routing infrastructure corresponds to software based communication interfaces, which are executed upon physical hardware. The main software application responsible for the transmitted data is the java-based browser. The design of this application is directly responsible for the reliability of the data transmitted through the Internet. Security however is usually treated as an afterthought. Despite common sense, the security is considered at the bottom of a list that includes functionality, performance, compatibility and human interface. Good faith should not be applied when transferring private information through the Internet. The programming languages Java and JavaScript have become the power tools of choice in building web-based applications. A Web application is a dynamic extension of a web server. Its services can include remote database access and online purchases. Security weaknesses of web applications are often refer as holes or bugs. The exploitation of these weaknesses has severe consequences which include loss and manipulation of sensitive information. The new browsers have a considerable improvement over their predecessors when it comes to security but cannot guarantee that they are bug-free. The newest technology with a superior security system is ActiveX control by Microsoft. The downside of this technology is that it is supported only by Internet Explorer browser. Also, the ActiveX controls are written and compiled using Microsoft office visual basics programs. The Java language however needs only an editor and a free compiler. ActiveX controls use certified digital signature, but it is dangerous because it has no restrictions on the variety of its use. One disturbing example is the spy-ware software usually downloaded automatically from specific websites. Java on the other hand, achieves security by restricting the behavior of applets to a set of safe actions ...