Proceedings of the 2011 International Conference on Communication, Computing &Amp; Security - ICCCS '11 2011
DOI: 10.1145/1947940.1948057
|View full text |Cite
|
Sign up to set email alerts
|

Evaluation of web application security risks and secure design patterns

Abstract: The application of security in web application is of profound importance due to the extended use of web for business. Most of the attacks, are either because the developers are not considering security as a concern or due to the security flaws in designing and developing the applications. The enforcement of security in the software development life cycle of the application may reduce the high cost and efforts associated with implementing security at a later stage. For this purpose, various attempts has been ma… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
6
0
5

Year Published

2013
2013
2023
2023

Publication Types

Select...
5
3

Relationship

0
8

Authors

Journals

citations
Cited by 17 publications
(11 citation statements)
references
References 5 publications
0
6
0
5
Order By: Relevance
“…Uygulamanın çalıştığı sunucu üzerinde güvenlik yapılandırmasının düzgün şekilde yapılmamasından dolayı ortaya çıkan açıklıklar bu kategori altında değerlendirilmektedir [20,21]. OWASP 2013 en bilindik 10 açıklıklar listesinde yer alan ve bunlardan sunucu kaynaklı olan açıklık ile istismar yöntemleri aşağıda ele alınmıştır.…”
Section: Vulnerabilities)unclassified
“…Uygulamanın çalıştığı sunucu üzerinde güvenlik yapılandırmasının düzgün şekilde yapılmamasından dolayı ortaya çıkan açıklıklar bu kategori altında değerlendirilmektedir [20,21]. OWASP 2013 en bilindik 10 açıklıklar listesinde yer alan ve bunlardan sunucu kaynaklı olan açıklık ile istismar yöntemleri aşağıda ele alınmıştır.…”
Section: Vulnerabilities)unclassified
“…Furthermore, this technology permits that the people and the companies can make different works, for example: the diffusion of the information in the web pages, communication, connection, and others. On the other hand, when the technology is increasing, the cybercriminals attacks are grown (Dalai & Jena, 2011;Jericho & Munge, 2000). Therefore, is significant to create new solutions and to implement good practices in the software development, because the computer security might increase and protect the websites.…”
Section: Introductionmentioning
confidence: 99%
“…Adicionalmente, esta tecnología permite que las personas y las empresas puedan realizar diferentes trabajos, por ejemplo: la difusión de la información en las páginas web, la comunicación y la conexión, entre otros. Por otra parte, a medida que la tecnología crece, los ataques de los ciberdelincuentes también aumentan (Dalai & Jena, 2011;Jericho & Munge, 2000), por lo que es importante crear nuevas soluciones e implementar buenas prácticas en el desarrollo de software, para aumentar así la seguridad informática y con ello proteger los sitios web.…”
Section: Introductionunclassified
“…Thanks to this technology, people, companies and devices perform several tasks, such as information broadcasting through websites. Due to the significant advances in technology, the volume of sensitive information and the lack of security expertise in the development of web applications (Dalai & Jena, 2011;Jericho & Munge, 2000), the number of attacks has been increasing seriously, for example WhiteHat Security (2016) presents on its study of websites vulnerabilities, its results demonstrates the number of SQL Injection attacks and Cross Site Scripting percentage increased 50-52% and 49%-55% thorugh the years 2013-2015, respectively. The above ones are some reasons why software development must involve good practices and tools to protect websites from attackers.…”
Section: Introductionmentioning
confidence: 99%
“…Gracias a esta tecnología las personas, las compañías y los dispositivos pueden realizar distintas tareas, como por ejemplo la difusión de su información a través de los sitios web. Debido a los grandes avances en la tecnología, el volumen de información sensible y la falta de conocimiento en seguridad en el desarrollo de aplicaciones web (Dalai & Jena, 2011;Jericho & Munge, 2000), el número de ataques a los sitios web ha aumentado significativamente, como lo demuestra el estudio de WhiteHat Security (2016) a vulnerabilidades de páginas web, quien indica que durante 2013 y 2015 la cantidad de ataques de tipo SQL Inyección y Cross Site Scripting aumentó de 50 a 52% y de 49 a 55%, respectivamente. Las anteriores son algunas razones por las se debe contar con buenas prácticas en el desarrollo del software y con herramientas que permitan proteger de los atacantes a los sitios web.…”
Section: Introductionunclassified