Secure Development - Web Application Security.
Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2013, Vol 14, Issue 6
Abstract
In Current scenario, many Web applications go through rapid development phases like adopting agile methodology of development with very short turnaround time, making it difficult to identify and eliminate vulnerabilities. This paper provides analysis of requirement of Secure Development and Web application security assessment mechanisms in order to identify poor coding practices that render Web applications vulnerable to attacks such as SQL injection and cross-site scripting. This paper also list out the different categories of vulnerability with the small examples along with prevention guidance and a sample of research by different vendors about the State of Software Security Report and Web Application Vulnerability Statistics of 2012. This paper reviews need of secure development, resource s available for creating secure Web applications. These resources ranges from the security features of the development, to automated tools evaluating an existing Web application, to Web sites dedicated to all facets of Web application security. In Web application security, making one single mistake can lead to many unwanted flaws. By using the different resources available, the risk of the applications to be vulnerable can be reduced to an acceptable level. In addition, some risk can be avoided at the very beginning of the project life cycle when the requirements for the system are defined.
Authors and Affiliations
Sayyad Arif Ulla
Keywords
Related Articles
- EP ID EP136313
- DOI -
- Views 75
- Downloads 0
Churn Prediction Model Using Linear Discriminant Analysis (LDA)
Abstract: Customer churn refers to customers terminating the service contract with the company or turning to services provided by the other company. Churn analysis is the calculation of the rate of attrition in the custo...
Modified Rabin Cryptosystem through Advanced Key Distribution System
Abstract: In this paper, an asymmetric cryptosystem Rabin Cryptosystem has been modified by adding an advanced message authentication system with it. The proposed modified Rabin Cryptosystem is a combination of sym...
A Synopsis of Simulation and Mobility Modeling in Vehicular Ad-hoc Networks (VANETs)
Vehicular communication is considered to be a backbone for many critical safety applications. In order to achieve a better implementation of any vehicular communication scenario, an efficient, accurate and ...
Social Interaction Feature for Mobile TV Services Based On Cloud Move
Abstract: The rapidly increasing power of personal mobile devices (smartphones, tablets, etc.) is providing much richer contents and social interactions to users on the move. This trend however is throttled by the...
Development of Text-to-Speech Synthesizer for Pali Language
Abstract : We introduced a new method for Text-To-Speech (TTS) synthesis for Pali language. We discuss the efforts in collecting speech database of Pali language and relevant design issues in development of TTS system.T...