Abdulaziz Aborujilah, J. Adamu, S. Shariff, Zalizah Awang Long
{"title":"Web开发框架中内置安全特性的描述性分析","authors":"Abdulaziz Aborujilah, J. Adamu, S. Shariff, Zalizah Awang Long","doi":"10.1109/imcom53663.2022.9721750","DOIUrl":null,"url":null,"abstract":"Many challenges are facing modern web applications, and security is a major concern for web applications developers especially when today's web applications are interactive and support user collaboration. SQL injections, cross-site scripting, cross-site request forgery, and broken authentication are examples of these common security vulnerabilities. Several web development frameworks (e.g., Laravel, Spring Boot, Django, Ruby on Rails, and ASP.NET Core) provide out-of-the-box security features to protect modern web applications against the above-mentioned vulnerabilities. Developers usually use manual protection mechanisms to secure modern web applications. Although, manual protection increases the probability of web application attacks. This study focuses on reviewing and comparing and analyzing the most common vulnerabilities found in modern web applications and the web development frameworks built-in security features. This study aid software developers and organizations in selecting the most effective protection methods which are provided by web application frameworks.","PeriodicalId":367038,"journal":{"name":"2022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Descriptive Analysis of Built-in Security Features in Web Development Frameworks\",\"authors\":\"Abdulaziz Aborujilah, J. Adamu, S. Shariff, Zalizah Awang Long\",\"doi\":\"10.1109/imcom53663.2022.9721750\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Many challenges are facing modern web applications, and security is a major concern for web applications developers especially when today's web applications are interactive and support user collaboration. SQL injections, cross-site scripting, cross-site request forgery, and broken authentication are examples of these common security vulnerabilities. Several web development frameworks (e.g., Laravel, Spring Boot, Django, Ruby on Rails, and ASP.NET Core) provide out-of-the-box security features to protect modern web applications against the above-mentioned vulnerabilities. Developers usually use manual protection mechanisms to secure modern web applications. Although, manual protection increases the probability of web application attacks. This study focuses on reviewing and comparing and analyzing the most common vulnerabilities found in modern web applications and the web development frameworks built-in security features. This study aid software developers and organizations in selecting the most effective protection methods which are provided by web application frameworks.\",\"PeriodicalId\":367038,\"journal\":{\"name\":\"2022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)\",\"volume\":\"54 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-01-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/imcom53663.2022.9721750\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/imcom53663.2022.9721750","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
现代web应用程序面临着许多挑战,安全性是web应用程序开发人员主要关心的问题,特别是当今天的web应用程序是交互式的并支持用户协作时。SQL注入、跨站点脚本、跨站点请求伪造和身份验证失效都是这些常见安全漏洞的例子。一些web开发框架(如Laravel, Spring Boot, Django, Ruby on Rails和ASP)。. NET Core)提供了开箱即用的安全特性,以保护现代web应用程序免受上述漏洞的侵害。开发人员通常使用手动保护机制来保护现代web应用程序。尽管如此,手动保护增加了web应用程序攻击的可能性。本研究的重点是回顾、比较和分析现代web应用程序和web开发框架内置安全特性中最常见的漏洞。本研究帮助软件开发人员和组织选择由web应用程序框架提供的最有效的保护方法。
Descriptive Analysis of Built-in Security Features in Web Development Frameworks
Many challenges are facing modern web applications, and security is a major concern for web applications developers especially when today's web applications are interactive and support user collaboration. SQL injections, cross-site scripting, cross-site request forgery, and broken authentication are examples of these common security vulnerabilities. Several web development frameworks (e.g., Laravel, Spring Boot, Django, Ruby on Rails, and ASP.NET Core) provide out-of-the-box security features to protect modern web applications against the above-mentioned vulnerabilities. Developers usually use manual protection mechanisms to secure modern web applications. Although, manual protection increases the probability of web application attacks. This study focuses on reviewing and comparing and analyzing the most common vulnerabilities found in modern web applications and the web development frameworks built-in security features. This study aid software developers and organizations in selecting the most effective protection methods which are provided by web application frameworks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
