{"title":"政府官方网站应用程序的安全问题列举及处理","authors":"A. Fajar, S. Yazid","doi":"10.1109/ICACSIS.2018.8618196","DOIUrl":null,"url":null,"abstract":"Web applications are one of the targets in information security attacks. Many security holes can be exploited can be source of damage and operational disruption of the application itself and even the IT infrastructure in it. Web Application Security Issues usually relate to problems that the developer or the owner may not aware or tend to ignore the issues. The main objective is to enumerate, describe and analyze security issues of the government official web application in Indonesia. The issues covers technical, environment and support issues of application development, configuration and security governance. Technical and environment issues identified using application vulnerability scanners tools. The result shows that web applications have most weakness in configuration issues, both application and security configuration. All of weaknesses that identified relate to technical development, application environment and support. The state of the art of the work lay on that how to improve the quality of web application development which often ignore security requirement during design, development, and deployment. That conditions may raise security issue when the web application has published that may affect other systems. The work recommend several approach to handle the security issues as a contribution to developer and the owner to fix the issues.","PeriodicalId":207227,"journal":{"name":"2018 International Conference on Advanced Computer Science and Information Systems (ICACSIS)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Enumeration and Handling Security Issues of Government Official Web Application\",\"authors\":\"A. Fajar, S. Yazid\",\"doi\":\"10.1109/ICACSIS.2018.8618196\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Web applications are one of the targets in information security attacks. Many security holes can be exploited can be source of damage and operational disruption of the application itself and even the IT infrastructure in it. Web Application Security Issues usually relate to problems that the developer or the owner may not aware or tend to ignore the issues. The main objective is to enumerate, describe and analyze security issues of the government official web application in Indonesia. The issues covers technical, environment and support issues of application development, configuration and security governance. Technical and environment issues identified using application vulnerability scanners tools. The result shows that web applications have most weakness in configuration issues, both application and security configuration. All of weaknesses that identified relate to technical development, application environment and support. The state of the art of the work lay on that how to improve the quality of web application development which often ignore security requirement during design, development, and deployment. That conditions may raise security issue when the web application has published that may affect other systems. The work recommend several approach to handle the security issues as a contribution to developer and the owner to fix the issues.\",\"PeriodicalId\":207227,\"journal\":{\"name\":\"2018 International Conference on Advanced Computer Science and Information Systems (ICACSIS)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 International Conference on Advanced Computer Science and Information Systems (ICACSIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICACSIS.2018.8618196\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Conference on Advanced Computer Science and Information Systems (ICACSIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICACSIS.2018.8618196","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Enumeration and Handling Security Issues of Government Official Web Application
Web applications are one of the targets in information security attacks. Many security holes can be exploited can be source of damage and operational disruption of the application itself and even the IT infrastructure in it. Web Application Security Issues usually relate to problems that the developer or the owner may not aware or tend to ignore the issues. The main objective is to enumerate, describe and analyze security issues of the government official web application in Indonesia. The issues covers technical, environment and support issues of application development, configuration and security governance. Technical and environment issues identified using application vulnerability scanners tools. The result shows that web applications have most weakness in configuration issues, both application and security configuration. All of weaknesses that identified relate to technical development, application environment and support. The state of the art of the work lay on that how to improve the quality of web application development which often ignore security requirement during design, development, and deployment. That conditions may raise security issue when the web application has published that may affect other systems. The work recommend several approach to handle the security issues as a contribution to developer and the owner to fix the issues.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
