Huang et al., 2005 - Google Patents
Web application security—past, present, and future
Huang et al., 2005
- Document ID
- 317531887444971707
- Author
- Huang Y
- Lee D
- Publication year
- Publication venue
- Computer security in the 21st century
Snippet
Web application security remains a major roadblock to universal acceptance of the Web for many kinds of online transactions, especially since the recent sharp increase in remotely exploitable vulnerabilities has been attributed to Web application bugs. In software …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Huang et al. | | Securing web application code by static analysis and runtime protection |
| Shahriar et al. | | Mitigating program security vulnerabilities: Approaches and challenges |
| Chen et al. | | Mystique: Uncovering information leakage from browser extensions |
| Balzarotti et al. | | Saner: Composing static and dynamic analysis to validate sanitization in web applications |
| Guha et al. | | Verified security for browser extensions |
| Bielova | | Survey on JavaScript security policies and their enforcement mechanisms in a web browser |
| Dahse et al. | | Static detection of Second-Order vulnerabilities in web applications |
| Shar et al. | | Automated removal of cross site scripting vulnerabilities in web applications |
| Scholte et al. | | Preventing input validation vulnerabilities in web applications through automated type analysis |
| Su et al. | | The essence of command injection attacks in web applications |
| Li et al. | | A survey on server-side approaches to securing web applications |
| Singh et al. | | xBook: Redesigning Privacy Control in Social Networking Platforms. |
| Bugliesi et al. | | Formal methods for web security |
| Robertson et al. | | Static Enforcement of Web Application Integrity Through Strong Typing. |
| US20060282897A1 (en) | | Secure web application development and execution environment |
| Izquierdo et al. | | Collaboro: a collaborative (meta) modeling tool |
| Zech et al. | | Knowledge-based security testing of web applications by logic programming |
| Mitropoulos et al. | | Fatal injection: A survey of modern code injection attack countermeasures |
| Homaei et al. | | Athena: A framework to automatically generate security test oracle via extracting policies from source code and intended software behaviour |
| Huang et al. | | Web application security—past, present, and future |
| Staicu et al. | | Understanding and automatically preventing injection attacks on node.js |
| Simpson | | SAFECode whitepaper: Fundamental practices for secure software development 2nd edition |
| Giffin | | Model-based intrusion detection system design and evaluation |
| Nunes | | Blended security analysis for web applications: Techniques and tools |
| Vernotte | | A pattern-driven and model-based vulnerability testing for web applications |