Int. J. of Internet Technology and Secured Transactions   »   2012 Vol.4, No.2/3



Title: Developing secure web applications


Authors: Dharmendra Choukse; Dimitris N. Kanellopoulos; Umesh Kumar Singh


Institute of Engineering and Sciences, IPS Academy, Rajendra Nagar Indore, 452012, India.
Department of Mathematics, University of Patras, University Campus, 26500, Rio, Patras, Greece.
Institute of Computer Science, Vikram University, Ujjain, 456010, India


Abstract: The security of web applications is an important issue for any organisation that deploys its own websites. If an organisation takes the required precautions and countermeasures, it can prevent the possible attacks. Otherwise, its critical data, reputation and credibility will be at risk. Nowadays, firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS) provide security at the network layer. However, more than 70% of present world's security attacks exploit the vulnerabilities at the application level. Cross-site scripting, SQL injection, cookie poisoning and forceful browsing are some of the most common website vulnerabilities. Stringent user input validation, proper session management, and exploitation of web application firewalls, etc., can be used as countermeasures to combat the attacks on websites. In this paper, we discuss how attackers can exploit the vulnerabilities of web applications and how we can implement effective countermeasures to secure our web applications.


Keywords: secure web applications; web security; cross-side scripting; SQL injection; cookie poisoning; forceful browsing; website vulnerability.


DOI: 10.1504/IJITST.2012.047969


Int. J. of Internet Technology and Secured Transactions, 2012 Vol.4, No.2/3, pp.221 - 236


Submission date: 14 Feb 2012
Date of acceptance: 16 Mar 2012
Available online: 16 Jul 2012



Editors Full text accessAccess for SubscribersPurchase this articleComment on this article