Web application security: Improving critical web-based applications quality through in-depth security analysis

机译：Web应用程序安全性：通过深入的安全性分析提高关键的基于Web的应用程序的质量

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

The Internet, and in particular the World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect everyday to different web-based applications to search for information, exchange messages, interact with each other, conduct business, pay taxes, perform financial operations and many more. Some of these critical web-based services are targeted by several malicious users intending to exploit possible weaknesses and vulnerabilities, which could cause not only the disruption of the service, but also compromise the users and organizations information. Most of the times, these malicious users succeed in exploiting different types of vulnerabilities and the consequences can be disastrous. Most of these vulnerabilities are directly related with the web-based applications lack of quality as a result from a poorly implemented software development life cycle (SDLC). This paper will discuss the direct implication of the lack of security and the importance of quality on the SDLC, and the major factors that influence them. On the other hand the authors propose a set of security automated tools and methodologies that can be used throughout the SDLC as a mean to improve critical web-based applications security and quality.

机译：互联网，尤其是万维网，已经成为世界上最常见的通信媒介之一。每天都有数百万用户连接到不同的基于Web的应用程序，以搜索信息，交换消息，彼此交互，开展业务，缴税，进行财务运营等等。这些关键的基于Web的服务中有一些是恶意用户针对的，这些恶意用户打算利用可能的弱点和漏洞，这些弱点和漏洞不仅可能导致服务中断，还可能损害用户和组织信息。在大多数情况下，这些恶意用户成功利用各种类型的漏洞，其后果可能是灾难性的。这些漏洞中的大多数直接与由于实施不良的软件开发生命周期（SDLC）导致的基于Web的应用程序质量不足有关。本文将讨论缺乏安全性的直接含义以及质量对SDLC的重要性，以及影响它们的主要因素。另一方面，作者提出了一套安全自动化工具和方法，可在整个SDLC中使用，以提高关键的基于Web的应用程序的安全性和质量。

著录项

来源
《2011 International Conference on Information Society》|2011年|p.457-462|共6页
会议地点
作者
Teodoro Nuno; Serrao Carlos;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算技术、计算机技术;
关键词
Automated Testing; Critical; Quality; Security; Web Application;

机译：自动化测试;关键;质量;安全性; Web应用程序;
入库时间 2022-08-26 15:16:32

相似文献

外文文献
中文文献
专利

1. Comparative Security Analysis of Web-Based Instant Messaging Applications [J] . Imam Riadi, Rusydi Umar, Muhammad Abdul Aziz Jurnal RESTI: Rekayasa Sistem dan Teknologi Informasi . 2020,第5期

机译：基于Web的即时消息应用程序的比较安全分析
2. Software security analysis and assessment model for the web-based applications [J] . Y. Wang, W.M. Lively, D.B. Simmons Journal of Computational Methods in Sciences and Engineering . 2009,第1a2suppla2期

机译：基于Web的应用程序的软件安全分析和评估模型
3. Special Issue on Recent Advances in Cloud Computing, Machine Learning, and Security in Web-Based Applications [J] . Jararweh Yaser, Panda Sanjaya Kumar, Mishra Brojo Kishore, International journal of information technology and web engineering . 2019,第1期

机译：基于Web的应用程序中云计算，机器学习和安全性近期进步的特殊问题
4. Web application security: Improving critical web-based applications quality through in-depth security analysis [C] . Teodoro Nuno, Serrao Carlos International Conference on Information Society . 2011

机译：Web应用程序安全性：通过深入安全分析提高关键的基于Web的应用程序质量
5. Security analysis and improvement model for Web-based applications. [D] . Wang, Yong. 2008

机译：基于Web的应用程序的安全性分析和改进模型。
6. Nanostructured Metal Oxide Gas Sensors a Survey of Applications Carried out at SENSOR Lab Brescia (Italy) in the Security and Food Quality Fields [O] . Andrea Ponzoni, Elisabetta Comini, Isabella Concina, 2012

机译：纳米结构的金属氧化物气体传感器在布雷西亚（意大利）的SENSOR实验室进行的安全性和食品质量领域应用调查
7. On Combining Static, Dynamic and Interactive Analysis Security Testing Tools to Improve OWASP Top Ten Security Vulnerability Detection in Web Applications [O] . Francesc Mateo Tudela, Juan-Ramón Bermejo Higuera, Javier Bermejo Higuera, 2020

机译：组合静态，动态和交互式分析安全测试工具在Web应用程序中提高OWASP十大安全漏洞检测
8. Case for avoiding security-enhanced HTTP tools to improve security for Web-based applications. [R] . Wood, B. 1996

机译：避免安全性增强的HTTp工具以提高基于Web的应用程序的安全性的案例。

Web application security: Improving critical web-based applications quality through in-depth security analysis

摘要

著录项

相似文献

相关主题

期刊订阅