Title :
Some security issues for web based frameworks
Author :
Roberts-Morpeth, P. ; Ellman, J.
Author_Institution :
Sch. of Comput., Northumbria Univ., Newcastle upon Tyne, UK
Abstract :
This report investigates whether a vulnerability found in one web framework may be used to find a vulnerability in a different web framework. To test this hypothesis, several open source applications were installed in a secure test environment together with security analysis tools. Each one of the applications were developed using a different software framework. The results show that a vulnerability identified in one framework can often be used to find similar vulnerabilities in other frameworks. Cross-site scripting security issues are the most likely to succeed when being applied to more than one framework.
Keywords :
Web services; Web sites; computer network security; public domain software; software tools; Web Based Frameworks; cross-site scripting; open source applications; secure test environment; security analysis tools; security issues; vulnerability identification; HTML; Information services; Internet; Receivers; Security; Servers; Web sites;
Conference_Titel :
Communication Systems Networks and Digital Signal Processing (CSNDSP), 2010 7th International Symposium on
Conference_Location :
Newcastle upon Tyne
Print_ISBN :
978-1-4244-8858-2
Electronic_ISBN :
978-1-86135-369-6
