Title :
Design and implementation of code security inspection system based on SVN
Author :
Liu, Jun ; Liu, Xiaoming ; Zheng, Bo ; Tang, J.
Author_Institution :
Coll. of Comput. Sci. & Technol., Wuhan Univ. of Sci. & Technol., Wuhan, China
Abstract :
This paper proposes a code security inspection system based on Subversion, which aims to avoid the submission of risk codes that contain vulnerabilities such as SQL injection, XSS (Cross Site Script) attacks and CSRF (Cross-site request forgery) to SVN repositories. In the proposed system, the submitted code will be scanned and checked and then the results will be sent to the SQA (Software Quality Assurance) units to ensure the product's safety. The system mainly adopts dependency injection and inversion of control used in the Spring framework, and thus it has high scalability and maintainability. The system is also practical, independent, and highly configurable, which can meet the needs of different users.
Keywords :
SQL; configuration management; security of data; software quality; SQL injection; SVN repository; XSS attacks; code security inspection system; cross site script attacks; cross-site request forgery; dependency injection; software quality assurance; spring framework; subversion; Databases; Engines; Forgery; History; Inspection; Libraries; Security; CSRF; Code Security Inspection; SQL Injection; SVN; XSS;
Conference_Titel :
Computer Science and Service System (CSSS), 2011 International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4244-9762-1
DOI :
10.1109/CSSS.2011.5974598