
 

 

Title: Developing secure web applications

 

Authors: Dharmendra Choukse; Dimitris N. Kanellopoulos; Umesh Kumar Singh

 

Addresses:
Institute of Engineering and Sciences, IPS Academy, Rajendra Nagar Indore, 452012, India.
Department of Mathematics, University of Patras, University Campus, 26500, Rio, Patras, Greece.
Institute of Computer Science, Vikram University, Ujjain, 456010, India

 

Abstract: The security of web applications is an important issue for any organisation that deploys its own websites. If an organisation takes the required precautions and countermeasures, it can prevent possible attacks. Otherwise, its critical data, reputation and credibility will be at risk. Nowadays, firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS) provide security at the network layer. However, more than 70% of today's security attacks exploit vulnerabilities at the application level. Cross-site scripting, SQL injection, cookie poisoning and forceful browsing are some of the most common website vulnerabilities. Stringent user input validation, proper session management and the use of web application firewalls, among others, can serve as countermeasures against attacks on websites. In this paper, we discuss how attackers can exploit the vulnerabilities of web applications and how we can implement effective countermeasures to secure our web applications.

 

Keywords: secure web applications; web security; cross-site scripting; SQL injection; cookie poisoning; forceful browsing; website vulnerability.

 

DOI: 10.1504/IJITST.2012.047969

 

Int. J. of Internet Technology and Secured Transactions, 2012 Vol.4, No.2/3, pp.221 - 236

 

Submission date: 14 Feb 2012
Date of acceptance: 16 Mar 2012
Available online: 16 Jul 2012

 

 
