Vulnerability Analysis in Web Distributed Applications

Authors

  • Ion Ivan Bucharest Academy of Economic Studies
  • Dragos Palaghita Bucharest Academy of Economic Studies
  • Sorin Vinturis Bucharest Academy of Economic Studies
  • Mihai Doinea Bucharest Academy of Economic Studies

Keywords:

security, vulnerabilities, risks, optimization, distributed applications

Abstract

The paper analyze vulnerabilities found on web based distributed applications from different perspectives. Classes of vulnerabilities types are identified in order to cope with their different characteristics that each one develops. Methods for analyzing vulnerabilities of an authentication process are developed and solutions are proposed. A model for vulnerability minimization is discussed based on an indicator built on the amount of sensitive data revealed to the end users. Risks are analyzed together with the vulnerabilities that they exploit and measures are identified to combat these pairs.

Author Biographies

Ion Ivan, Bucharest Academy of Economic Studies

Economic Informatics Department

Dragos Palaghita, Bucharest Academy of Economic Studies

Economic Informatics Department

Sorin Vinturis, Bucharest Academy of Economic Studies

Economic Informatics Department

Mihai Doinea, Bucharest Academy of Economic Studies

Economic Informatics Department

References

David WATSON – Web application attacks, Network Security, Issue 11, November, Elsevier, 2006

David MORGAN – Web application security – SQL injection attacks, Network security, Issue 4, Elsevier, April 2006

Mihai DOINEA – Security optimization of a distributed application for calculating daily calories consumption, JISOM, Vol. 4, No. 1, pp. 12-22, ISSN 1843 -4711

Mihai DOINEA, Sorin PAVEL – Security Optimization for Distributed Applications Oriented On Very Large Data Sets, Informatica Economica Journal, Vol. 14, No.

, 2010, pp. 72 – 85, ISSN 1453-1305

Failure to Control Generation of Code –

[Online], Available at: http://cwe.mitre.org/data/definitions/94.html

Assemblies should have valid strong names – [Online], Available at: http://msdn.microsoft.com/en- us/library/ms182127(VS.80).aspx

Do not indirectly expose methods with link demands – [Online], Available at: http://msdn.microsoft.com/en- us/library/ms182303.aspx

Improper Input Validation – [Online], Available at: http://cwe.mitre.org/data/definitions/20.html

Improper Neutralization of Input During Web Page Generation – [Online], Available at: http://cwe.mitre.org/data/definitions/79.html

Downloads

Published

2011-03-30

How to Cite

Ivan, I., Palaghita, D., Vinturis, S., & Doinea, M. (2011). Vulnerability Analysis in Web Distributed Applications. Journal of Mobile, Embedded and Distributed Systems, 3(1), 1-9. Retrieved from http://jmeds.eu/index.php/jmeds/article/view/Vulnerability-Analysis-in-Web-Distributed-Applications