DocumentCode
2239052
Title
Some security issues for web based frameworks
Author
Roberts-Morpeth, P. ; Ellman, J.
Author_Institution
Sch. of Comput., Northumbria Univ., Newcastle upon Tyne, UK
fYear
2010
fDate
21-23 July 2010
Firstpage
726
Lastpage
731
Abstract
This report investigates whether a vulnerability found in one web framework may be used to find a vulnerability in a different web framework. To test this hypothesis, several open source applications were installed in a secure test environment together with security analysis tools. Each one of the applications were developed using a different software framework. The results show that a vulnerability identified in one framework can often be used to find similar vulnerabilities in other frameworks. Cross-site scripting security issues are the most likely to succeed when being applied to more than one framework.
Keywords
Web services; Web sites; computer network security; public domain software; software tools; Web Based Frameworks; cross-site scripting; open source applications; secure test environment; security analysis tools; security issues; vulnerability identification; HTML; Information services; Internet; Receivers; Security; Servers; Web sites;
fLanguage
English
Publisher
ieee
Conference_Titel
Communication Systems Networks and Digital Signal Processing (CSNDSP), 2010 7th International Symposium on
Conference_Location
Newcastle upon Tyne
Print_ISBN
978-1-4244-8858-2
Electronic_ISBN
978-1-86135-369-6
Type
conf
Filename
5580329
Link To Document