Title :
Proposal for expansion of STASEC tool
Author :
Vukovic, Dijana R. ; Djuric, Z.I. ; Gligoroski, Danilo
Author_Institution :
Elektroteh. Fak., Univ. u Banjoj Luci, Banja Luka, Bosnia-Herzegovina
Abstract :
Priority in the development of Web applications is the implementation of security mechanisms. In order to detect potential security vulnerabilities and implement appropriate security mechanisms, it is necessary to perform a detailed analysis of the application. For the detection of potential failures in the process of applications development, the static analysis of source code is used. STASEC [1] is a tool for static analysis of source code of Web applications that are implemented using the Java programming language. This paper presents a proposal for expansion of this tool with new module for the automatic detection of application vulnerabilities caused by manipulation of the input data on the client.
Keywords :
Internet; Java; program diagnostics; security of data; Java programming language; STASEC tool; Web applications; application vulnerabilities; automatic detection; potential security vulnerabilities; security mechanisms; source code; static analysis; Educational institutions; Electronic mail; HTML; Java; Proposals; Security; Telecommunications; sigurnost Web aplikacija; statička analiza;
Conference_Titel :
Telecommunications Forum (TELFOR), 2012 20th
Conference_Location :
Belgrade
Print_ISBN :
978-1-4673-2983-5
DOI :
10.1109/TELFOR.2012.6419555
