Secure Development - Web Application Security.
Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2013, Vol 14, Issue 6
Abstract
In the current scenario, many Web applications go through rapid development phases, such as adopting an agile development methodology with very short turnaround times, making it difficult to identify and eliminate vulnerabilities. This paper analyzes the need for secure development and for Web application security assessment mechanisms in order to identify poor coding practices that render Web applications vulnerable to attacks such as SQL injection and cross-site scripting. It also lists the different categories of vulnerability, with small examples and prevention guidance, along with a sample of research by different vendors about the State of Software Security Report and Web Application Vulnerability Statistics of 2012. The paper reviews the need for secure development and the resources available for creating secure Web applications. These resources range from the security features of the development, to automated tools that evaluate an existing Web application, to Web sites dedicated to all facets of Web application security. In Web application security, a single mistake can lead to many unwanted flaws. By using the different resources available, the risk of applications being vulnerable can be reduced to an acceptable level. In addition, some risk can be avoided at the very beginning of the project life cycle, when the requirements for the system are defined.
Authors and Affiliations
Sayyad Arif Ulla