Securing web applications from injection and logic vulnerabilities: Approaches and challenges
Authors: G. Deepa, P. Santhi Thilagam
Affiliation: Department of Computer Science and Engineering, National Institute of Technology Karnataka, Surathkal, India
Journal: Information and Software Technology, 2016, Vol. 74, pp. 160-180
Source database: Elsevier Journal
DOI: 10.1016/j.infsof.2016.02.005
Keywords: SQL injection; Cross-site scripting; Business logic vulnerabilities; Application logic vulnerabilities; Web application security; Injection flaws
Abstract (original language):
Context: Web applications are trusted by billions of users for performing day-to-day activities. Accessibility, availability and omnipresence of web applications have made them a prime target for attackers. A simple implementation flaw in the application could allow an attacker to steal sensitive information and perform adversary actions, and hence it is important to secure web applications from attacks. Defensive mechanisms for securing web applications from the flaws have received attention from both academia and industry.
Objective: The objective of this literature review is to summarize the current state of the art for securing web applications from major flaws such as injection and logic flaws. Though different kinds of injection flaws exist, the scope is restricted...
Full-text access: Elsevier (partner)
Impact factor: 1.522 (2012)
