Corrective Maintenance Based Vulnerability Repair Procedure to Improve Web Application Security

Abstract:

In the internet age, high-efficiency and high-profit activities must be integrated with the internet, and the Web Application (Web App) is an important IT product of this age. However, network intrusions and security vulnerabilities continue to threaten the operation of Web Apps. Penetration Testing (PT) is a critical step in identifying security vulnerabilities, but PT cannot provide specific and effective follow-up work. This paper therefore discusses combining corrective maintenance with Web App repair operations and, based on corrective maintenance, proposes the Web App Secure Repair Procedures (WASRP). Applying WASRP can reduce the misjudgment ratio of security vulnerabilities and defects and assists in repairing them, effectively and concretely enhancing Web App security.

Pages: 2085-2090

Online since: June 2012

Copyright: © 2012 Trans Tech Publications Ltd. All Rights Reserved
