Metrics-based Knowledge Analysis in Software Design for Web-based Application Security Protection

2021 ◽  
Author(s):  
Sakorn Mekruksavanich ◽  
Anuchit Jitpattanakul ◽  
Patcharapan Thongkum
Keyword(s):  
Software Design ◽  
Web Based ◽  
Application Security ◽  
Knowledge Analysis

scholarly journals Preventive Measures for Cross Site Request Forgery Attacks on Web-based Applications

2018 ◽  
Vol 7 (4.15) ◽  
pp. 130
Author(s):  
Emil Semastin ◽  
Sami Azam ◽  
Bharanidharan Shanmugam ◽  
Krishnan Kannoorpatti ◽  
Mirjam Jonokman ◽  
...  
Keyword(s):  
Web Application ◽  
Web Applications ◽  
Operating Cycle ◽  
Web Application Security ◽  
Web Based ◽  
Business World ◽  
Application Security ◽  
Server Side ◽  
Combined Solution ◽  
Cross Site Request Forgery

Today’s contemporary business world has incorporated Web Services and Web Applications in its core of operating cycle nowadays and security plays a major role in the amalgamation of such services and applications with the business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating the degree of vulnerability against any of the nominated top ten vulnerabilities, nominated by the OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. Tests against the exploitation of the vulnerabilities were conducted after implementing the solutions into the web application to check the efficacy of each of the solutions. The research also proposes a combined solution that integrates the passing of an unpredictable token through a hidden field and validating it on the server side with the passing of token through URL.  

Models for Cooperative Activities over the Web

2011 ◽  
pp. 245-263
Author(s):  
Bogdan D. Czejdo ◽  
Maciej Zakrzewicz ◽  
Govindarao Sathyamoorthi
Keyword(s):  
Software Architecture ◽  
Software Design ◽  
Software Systems ◽  
The Internet ◽  
Interaction Graph ◽  
Web Based ◽  
Team Members ◽  
State Diagrams ◽  
Common Task ◽  
The Web

The Chapter discusses the need and the problems associated with WEB based cooperative activities in which several team members work in parallel on a common task. Models for software systems supporting such cooperative activities are discussed. Our models describe structure of the cooperation object, cooperation modes and the network message synchronization, that are of prime importance when the system members work at different places and communicate over the Internet. We introduce and describe a component requirements graph and show how to translate it into an interaction graph. The state diagrams and the design graphs are the basis for the WEB software design. The discussion of software architecture for implementing cooperative activities over the Web is also provided.

Hypermedia and Associated Concepts

2011 ◽  
pp. 565-572
Author(s):  
Michael Lang
Keyword(s):  
Software Design ◽  
Interactive Multimedia ◽  
Common Language ◽  
Web Based ◽  
Research Results ◽  
Digital Multimedia ◽  
New Methods ◽  
Scholarly Discourse

There has been considerable speculation of late that the design of hypermedia and Web-based systems warrants new methods different from those used in conventional software design (Kautz & Nørbjerg, 2003). However, much confusion abounds within this debate because fundamental concepts such as hypermedia, multimedia, and Web-based systems are rarely explicitly defined and it is often unclear what is actually meant. This article explains the following interrelated terms: multimedia, interactive multimedia, digital multimedia, interactive digital multimedia, hypertext, hypermedia, and Web-based systems. Such clarification is important because for research results to be comparable and scholarly discourse to be logical, there must be a common language.

scholarly journals Analisis Keamanan Sistem Informasi Berbasis Website Dengan Metode Open Web Application Security Project (OWASP) Versi 4: Systematic Review

2020 ◽  
Vol 5 (2) ◽  
pp. 185
Author(s):  
Anggi Elanda ◽  
Robby Lintang Buana
Keyword(s):  
Systematic Review ◽  
Information System ◽  
Web Application ◽  
Web Server ◽  
Security Level ◽  
Web Application Security ◽  
Web Based ◽  
Non Profit ◽  
Application Security

Abstract -- OWASP (Open Web Application Security Project) version 4 issued by a non-profit organization called owasp.org which is dedicated to the security of web-based applications. This systematic review is intended to review whether the Open Web Application Security Project (OWASP) method is widely used to detect security in a website-based Information System. In this systematic review, we review 3 literature from several publisher sources and make a comparison regarding OWASP version 4 results and the security level of a web server from the publisher's source.Keywords— OWASP, Website Vulnerability, Website Security Detection

Design Implementation of Remote Monitoring and Data Acquisition for Solar Water Heating Control System

2013 ◽  
Vol 462-463 ◽  
pp. 539-542
Author(s):  
Li Li Zeng
Keyword(s):  
Control System ◽  
Data Acquisition ◽  
Real Time ◽  
Monitoring System ◽  
Software Design ◽  
Remote Monitoring ◽  
Water Heating ◽  
Web Based ◽  
Solar Water Heating ◽  
Solar Water

The paper discusses the implementation scheme and software design that applies web technology into real-time remote monitoring system. Software design of monitoring system mainly includes design of serial data acquisition software and web-based remote monitoring software. Serial software acquires related data of solar heating system via RS-485 serial port and realizes storage of data. Web-based remote monitoring is in C/S mode, and users can browse and search data of solar water heating control system in real-time by using browser. The design scheme is a success in implementation of solar water system in campus, and realizes automation integrated with control, management, information and network through a combination of control network and Internet.

A Toolkit to Guide the Design of Effective Learning Activities

2010 ◽  
pp. 156-169 ◽  
Author(s):  
Karen Fill ◽  
Gráinne Conole ◽  
Chris Bailey
Keyword(s):  
Online Learning ◽  
Software Design ◽  
Assessment Methods ◽  
Teaching Approach ◽  
Learning Activities ◽  
Learning Activity ◽  
Design Development ◽  
Web Based ◽  
Learning And Teaching ◽  
Effective Learning

The DialogPLUS Toolkit is a web-based application that guides the design of learning activities. Developed to support the project’s geographers, it incorporates well-researched pedagogic taxonomies that are presented as drop-down lists with associated ‘help’ pages. Toolkit users are encouraged to consider and specify factors including learning and teaching approach, environment, aims and outcomes, assessment methods, learner and tutor roles and requisite skills as they design any number of tasks within a learning activity and select the tools and resources needed to undertake them. The output from the toolkit is a design template that can then be used to guide the instantiation and implementation of online learning activities. The designs are saved within the toolkit, forming a database of designs, which other toolkit users can view. This chapter will present the rationale for the toolkit and the detailed taxonomies. It will describe and illustrate the software design, development and implementation, including the approach to contextual ‘help’, provide examples of learning activity designs created using the toolkit; and present and discuss feedback from users.

Countering Cross-Site Scripting in Web-based Applications

2015 ◽  
Vol 6 (1) ◽  
pp. 57-68 ◽  
Author(s):  
Loye Lynn Ray
Keyword(s):  
Web Sites ◽  
Web Application ◽  
Information Source ◽  
Web Application Security ◽  
Web Based ◽  
Application Security ◽  
Dynamic Web ◽  
Web Vulnerabilities ◽  
Cross Site

Today's dynamic web-based applications have become a normal and critical asset to an organizations business. They come with an increase in the number of web vulnerabilities and attacks. These weaknesses allow hackers to focus their attention on attacking this important information source. The most common vulnerability is cross-site scripting (XSS) and one of the Open Web Application Security project (OWASP) top ten web-threats. XSS occurs when a Web-based application allows untrusted information be accepted and sent back to a browser. Also they can execute scripts within a browser that can deface web sites, redirect users to malicious content and hijack browsers. One reason for this problem was the lack of developers understanding the causes of XSS. In this paper, the authors address the causes of XSS and countermeasures to defense against these threats.

scholarly journals Humanities Research Software Design: The Wilde Trials Web App

2016 ◽  
Vol 7 (2/3) ◽  
Author(s):  
Colette Colligan ◽  
Michael Joyce ◽  
Sarah Bull ◽  
Cécile Loyen
Keyword(s):  
Nineteenth Century ◽  
Cultural History ◽  
Software Design ◽  
News Coverage ◽  
Data Driven ◽  
Cultural Impact ◽  
Web Based ◽  
Research Software ◽  
The Past ◽  
Web App

Background:This article discusses the design of Web-based research software to computationally analyze the international news coverage of the playwright Oscar Wilde’s 1895 sex trials. Over two months, Wilde stood three trials, eventually being convicted of “gross indecency” (1885 Criminal Law Amendment Act).Analysis: Over the past year, we have collaboratively designed a program to advance our understanding of the trials’ cultural impact as they were reported in newspapers around the world. Bridging our expertise in nineteenth-century cultural history and software engineering, we discuss the concept and design of the Wilde Trials Web App, as well as early discoveries about the French news coverage and plans for the program’s further development.Conclusion and implications: Our work stands at the forefront of software design and data-driven research on the nineteenth-century press.

Countering Cross-Site Scripting in Web-Based Applications

2018 ◽  
pp. 370-383
Author(s):  
Loye Lynn Ray
Keyword(s):  
Web Sites ◽  
Web Application ◽  
Information Source ◽  
Web Application Security ◽  
Web Based ◽  
Application Security ◽  
Dynamic Web ◽  
Web Vulnerabilities ◽  
Cross Site

Today's dynamic web-based applications have become a normal and critical asset to an organizations business. They come with an increase in the number of web vulnerabilities and attacks. These weaknesses allow hackers to focus their attention on attacking this important information source. The most common vulnerability is cross-site scripting (XSS) and one of the Open Web Application Security project (OWASP) top ten web-threats. XSS occurs when a Web-based application allows untrusted information be accepted and sent back to a browser. Also they can execute scripts within a browser that can deface web sites, redirect users to malicious content and hijack browsers. One reason for this problem was the lack of developers understanding the causes of XSS. In this paper, the authors address the causes of XSS and countermeasures to defense against these threats.

Sign in / Sign up

Export Citation Format

Share Document