bth.se
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
WEB APPLICATION SECURITY IN THE JAVA ENVIRONMENT
Blekinge Institute of Technology, School of Computing.
2012 (English)Independent thesis Basic level (degree of Bachelor)Student thesis
Abstract [en]

This project focuses on web security. Some of the most famous vulnerabilities, known troubling web applications. Has been collected and analyzed. Each vulnerability collected in this project, was exploited and secured. Demon- strations from a web application prototype, developed for this project. Brings real examples for each vulnerability, both secured, and insecured. The proto- type ran on a Tomcat web server, and was developed with frameworks such as Web, Spring and Hibernate. Connected to one PostgreSQL data source. All vulnerabilities was successfully implemented in Spring framework, and they were all exploited. Every vulnerability was also secured, with different tools and methods from earlier mentioned frameworks. As a result, real examples from the prototype is used for demonstration in the project, both in a secure and an insecure state. The result views Spring as a framework with good security potential. Most of the Spring specific vulnerabilities, are logical design flaws from developers that can be avoided. Vulnerabilities not related to Spring, such as the one collected for this project. Could be prevented by using methods from the Spring framework or intelligent programming. Which leads to conclusions. Web applications are always exposed to attacks, no matter the framework in use. Creative hackers search to discover new vul- nerabilities, and update old ones all the time. Developers has a responsibility, towards the web applications users. Web applications can not just developed for normal use, but also against possible misuse. Frameworks with good reputation and well processed models, is a good ground for developing a secure application.
Place, publisher, year, edition, pages
2012. , p. 61
Keywords [en]
Web, Spring, Security, Application, Exploit, Vulnerabilities, Secure
National Category
Computer Sciences Software Engineering
Identifiers
URN: urn:nbn:se:bth-2370Local ID: oai:bth.se:arkivex01BB457A282DCD22C1257A3800564E83OAI: oai:DiVA.org:bth-2370DiVA, id: diva2:829642
Uppsok
Technology
Supervisors
Available from: 2015-04-22 Created: 2012-07-11 Last updated: 2018-01-11Bibliographically approved

Open Access in DiVA

fulltext(1485 kB)966 downloads
File information
File name FULLTEXT01.pdfFile size 1485 kBChecksum SHA-512
469da10f0942dfcf22e8b77333e489724b07474ca30478598b578f073ae2c0ccdcc2c1adc21b5ab2394c01f7bb383c8d258baf9be43588a82e1de5ae927ef3d6
Type fulltextMimetype application/pdf

By organisation
School of Computing
Computer SciencesSoftware Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 966 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 546 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.46.0
|
WCAG
|
BTH Library
|
Publish/Register
|
How to publish/register
|
Diva portal
|
SwePub
|
Uppsök