[go: up one dir, main page]

Gandikota et al., 2023 - Google Patents

Web application security through comprehensive vulnerability assessment

Gandikota et al., 2023

View PDF
Document ID
78129276921248473
Author
Gandikota P
Valluri D
Mundru S
Yanala G
Sushaini S
Publication year
Publication venue
Procedia Computer Science

External Links

Snippet

In current information era, every small-scale industry, MNC's, Schools, and Colleges utilise Web Applications to promote their organizations and provide services to society. Web Applications have become a simple and vital medium for communicating with society. This …
Continue reading at www.sciencedirect.com (PDF) (other versions)

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs

Similar Documents

Publication Publication Date Title
Khera et al. Analysis and impact of vulnerability assessment and penetration testing
Nagpure et al. Vulnerability assessment and penetration testing of web application
Devi et al. Testing for security weakness of web applications using ethical hacking
Ravindran et al. A review on web application vulnerability assessment and penetration testing.
Gandikota et al. Web application security through comprehensive vulnerability assessment
Patel A survey on vulnerability assessment & penetration testing for secure communication
Nagpal et al. SECSIX: security engine for CSRF, SQL injection and XSS attacks
Kollepalli et al. An Experimental Study on Detecting and Mitigating Vulnerabilities in Web Applications.
Singh et al. Analysis of web application vulnerabilities using dynamic application security testing
Lewandowski et al. Spidertrap—An innovative approach to analyze activity of internet bots on a website
Lungu et al. Optimizing Anti-Phishing Solutions Based on User Awareness, Education and the Use of the Latest Web Security Solutions.
Lepofsky The manager's guide to web application security: a concise guide to the weaker side of the web
Innocenti et al. “Only as Strong as the Weakest Link”: On the Security of Brokered Single Sign-On on the Web
Zaidan et al. Website vulnerability analysis of AB and XY office in East Java
Deshpande et al. Major web application threats for data privacy & security–detection, analysis and mitigation strategies
Krasniqi et al. Vulnerability Assessment & Penetration Testing: Case study on web application security
Kothawade et al. Cloud Security: Penetration Testing of Application in Micro-service architecture and Vulnerability Assessment.
Gautam et al. Passwords Are Meant to Be Secret: A Practical Secure Password Entry Channel for Web Browsers
Riskhan et al. Major vulnerabilities of web application in real world scenarios and their prevention
MEHARU WEB SECURITY VULNERABILITY ANALYSIS IN SELECTED ETHIOPIAN GOVERNMENTAL OFFICES (USING WHITE BOX AND BLACK BOX TESTING)
Ezenwoye et al. Web application weakness ontology based on vulnerability data
Agrawal et al. Offensive Web Application Security Framework
Almi Web Server Security and Survey on Web Application Security
Rao et al. A Three-Pronged Approach to Mitigate Web Attacks
Heed et al. Deliverable D8. 6 Vulnerability Assessment as a Service Pilot Project