开源内容管理系统中web安全性的比较分析

2013 International Conference on Intelligent Systems and Signal Processing (ISSP) Pub Date : 2013-03-01 DOI:10.1109/ISSP.2013.6526932

S. K. Patel, V. R. Rathod, J. Prajapati

{"title":"开源内容管理系统中web安全性的比较分析","authors":"S. K. Patel, V. R. Rathod, J. Prajapati","doi":"10.1109/ISSP.2013.6526932","DOIUrl":null,"url":null,"abstract":"Internet has become priceless tool that enables corporate world to show their capabilities. While Web applications have gained importance on the Internet, security is the only thing to worry. Business data is very critical that floats on the cloud and that's why Web Application Security is rapidly becoming a growing concern for all enterprises. In this paper we tried to show what is Hacking and its symptoms. In web development Content Management System (CMS) is gaining so much popularity as it uses to make easy editing and publishing process for novice even if he doesn't know web programming. There are over thousand of open source CMS available in the market. When we just talk about content management concept two or three names like Joomla, Drupal and WordPress strike in mind. As these are the one of the best CMSs in the market and their community provides nice basic security still we want to compare these CMS and want to know which CMS provides best security. To do the comparison we have done two case studies. In case 1 we have developed one common page in all CMS and host it then after we have applied different web attacks like SQLi, XSS, CSRF etc. and derived their hacking results. In case 2 we used Acunetix WVS Reporter v6.0 to find out the strength of security in different CMS. Apart from this we also try to find out Broken links in all listed CMSs.","PeriodicalId":354719,"journal":{"name":"2013 International Conference on Intelligent Systems and Signal Processing (ISSP)","volume":"134 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Comparative analysis of web security in open source content management system\",\"authors\":\"S. K. Patel, V. R. Rathod, J. Prajapati\",\"doi\":\"10.1109/ISSP.2013.6526932\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Internet has become priceless tool that enables corporate world to show their capabilities. While Web applications have gained importance on the Internet, security is the only thing to worry. Business data is very critical that floats on the cloud and that's why Web Application Security is rapidly becoming a growing concern for all enterprises. In this paper we tried to show what is Hacking and its symptoms. In web development Content Management System (CMS) is gaining so much popularity as it uses to make easy editing and publishing process for novice even if he doesn't know web programming. There are over thousand of open source CMS available in the market. When we just talk about content management concept two or three names like Joomla, Drupal and WordPress strike in mind. As these are the one of the best CMSs in the market and their community provides nice basic security still we want to compare these CMS and want to know which CMS provides best security. To do the comparison we have done two case studies. In case 1 we have developed one common page in all CMS and host it then after we have applied different web attacks like SQLi, XSS, CSRF etc. and derived their hacking results. In case 2 we used Acunetix WVS Reporter v6.0 to find out the strength of security in different CMS. Apart from this we also try to find out Broken links in all listed CMSs.\",\"PeriodicalId\":354719,\"journal\":{\"name\":\"2013 International Conference on Intelligent Systems and Signal Processing (ISSP)\",\"volume\":\"134 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Intelligent Systems and Signal Processing (ISSP)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISSP.2013.6526932\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Intelligent Systems and Signal Processing (ISSP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSP.2013.6526932","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

摘要

互联网已经成为企业展示自身能力的无价工具。虽然Web应用程序在Internet上变得越来越重要，但安全性是唯一需要担心的事情。漂浮在云上的业务数据非常关键，这就是为什么Web应用程序安全性正迅速成为所有企业日益关注的问题。在本文中，我们试图说明什么是黑客及其症状。在web开发中，内容管理系统(CMS)越来越受欢迎，因为它可以使不懂web编程的新手轻松编辑和发布过程。市场上有上千种开源CMS。当我们谈论内容管理概念时，脑海中会浮现出两三个名字，比如Joomla、Drupal和WordPress。由于这些是市场上最好的CMS之一，他们的社区提供了很好的基本安全性，我们仍然想比较这些CMS，并想知道哪个CMS提供了最好的安全性。为了进行比较，我们做了两个案例研究。在案例1中，我们在所有CMS中开发了一个通用页面并托管它，然后我们应用了不同的web攻击，如SQLi, XSS, CSRF等，并获得了他们的黑客攻击结果。在案例2中，我们使用Acunetix WVS Reporter v6.0来找出不同CMS的安全强度。除此之外，我们还试图找出所有列出的cms中的坏链接。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Comparative analysis of web security in open source content management system

Internet has become priceless tool that enables corporate world to show their capabilities. While Web applications have gained importance on the Internet, security is the only thing to worry. Business data is very critical that floats on the cloud and that's why Web Application Security is rapidly becoming a growing concern for all enterprises. In this paper we tried to show what is Hacking and its symptoms. In web development Content Management System (CMS) is gaining so much popularity as it uses to make easy editing and publishing process for novice even if he doesn't know web programming. There are over thousand of open source CMS available in the market. When we just talk about content management concept two or three names like Joomla, Drupal and WordPress strike in mind. As these are the one of the best CMSs in the market and their community provides nice basic security still we want to compare these CMS and want to know which CMS provides best security. To do the comparison we have done two case studies. In case 1 we have developed one common page in all CMS and host it then after we have applied different web attacks like SQLi, XSS, CSRF etc. and derived their hacking results. In case 2 we used Acunetix WVS Reporter v6.0 to find out the strength of security in different CMS. Apart from this we also try to find out Broken links in all listed CMSs.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2013 International Conference on Intelligent Systems and Signal Processing (ISSP)

自引率

0.00%

发文量