{"title":"Web应用程序安全性:通过深入的安全性分析提高关键的基于Web的应用程序质量","authors":"Nuno Teodoro, C. Serrão","doi":"10.1109/I-SOCIETY18435.2011.5978496","DOIUrl":null,"url":null,"abstract":"The Internet, and in particular the World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect everyday to different web-based applications to search for information, exchange messages, interact with each other, conduct business, pay taxes, perform financial operations and many more. Some of these critical web-based services are targeted by several malicious users intending to exploit possible weaknesses and vulnerabilities, which could cause not only the disruption of the service, but also compromise the users and organizations information. Most of the times, these malicious users succeed in exploiting different types of vulnerabilities and the consequences can be disastrous. Most of these vulnerabilities are directly related with the web-based applications lack of quality as a result from a poorly implemented software development life cycle (SDLC). This paper will discuss the direct implication of the lack of security and the importance of quality on the SDLC, and the major factors that influence them. On the other hand the authors propose a set of security automated tools and methodologies that can be used throughout the SDLC as a mean to improve critical web-based applications security and quality.","PeriodicalId":158246,"journal":{"name":"International Conference on Information Society (i-Society 2011)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":"{\"title\":\"Web application security: Improving critical web-based applications quality through in-depth security analysis\",\"authors\":\"Nuno Teodoro, C. Serrão\",\"doi\":\"10.1109/I-SOCIETY18435.2011.5978496\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Internet, and in particular the World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect everyday to different web-based applications to search for information, exchange messages, interact with each other, conduct business, pay taxes, perform financial operations and many more. Some of these critical web-based services are targeted by several malicious users intending to exploit possible weaknesses and vulnerabilities, which could cause not only the disruption of the service, but also compromise the users and organizations information. Most of the times, these malicious users succeed in exploiting different types of vulnerabilities and the consequences can be disastrous. Most of these vulnerabilities are directly related with the web-based applications lack of quality as a result from a poorly implemented software development life cycle (SDLC). This paper will discuss the direct implication of the lack of security and the importance of quality on the SDLC, and the major factors that influence them. On the other hand the authors propose a set of security automated tools and methodologies that can be used throughout the SDLC as a mean to improve critical web-based applications security and quality.\",\"PeriodicalId\":158246,\"journal\":{\"name\":\"International Conference on Information Society (i-Society 2011)\",\"volume\":\"55 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-06-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"30\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Information Society (i-Society 2011)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/I-SOCIETY18435.2011.5978496\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Information Society (i-Society 2011)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/I-SOCIETY18435.2011.5978496","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Web application security: Improving critical web-based applications quality through in-depth security analysis
The Internet, and in particular the World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect everyday to different web-based applications to search for information, exchange messages, interact with each other, conduct business, pay taxes, perform financial operations and many more. Some of these critical web-based services are targeted by several malicious users intending to exploit possible weaknesses and vulnerabilities, which could cause not only the disruption of the service, but also compromise the users and organizations information. Most of the times, these malicious users succeed in exploiting different types of vulnerabilities and the consequences can be disastrous. Most of these vulnerabilities are directly related with the web-based applications lack of quality as a result from a poorly implemented software development life cycle (SDLC). This paper will discuss the direct implication of the lack of security and the importance of quality on the SDLC, and the major factors that influence them. On the other hand the authors propose a set of security automated tools and methodologies that can be used throughout the SDLC as a mean to improve critical web-based applications security and quality.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
