
Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 249)

  • 2563 Accesses

Abstract

Web applications have become crucial components in providing services on the internet. At the same time, vulnerabilities are severely affecting the functioning of web applications. Web applications may expose organizations to significant risk if they are not properly protected. Several hardware-dependent solutions exist, but hardware maintenance is a big problem. This paper proposes a new approach of locking the restricted or confidential pages with an authentication page. This would prevent unauthorised direct access to the restricted pages by a malicious user, thereby keeping the confidential information secure.

Author information

Corresponding author

Correspondence to K. Padmaja.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Padmaja, K., Nageswara Rao, K., Murthy, J.V.R. (2014). Defending Approach against Forceful Browsing in Web Applications. In: Satapathy, S., Avadhani, P., Udgata, S., Lakshminarayana, S. (eds) ICT and Critical Infrastructure: Proceedings of the 48th Annual Convention of Computer Society of India- Vol II. Advances in Intelligent Systems and Computing, vol 249. Springer, Cham. https://doi.org/10.1007/978-3-319-03095-1_71

  • DOI: https://doi.org/10.1007/978-3-319-03095-1_71

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-03094-4

  • Online ISBN: 978-3-319-03095-1

  • eBook Packages: Engineering, Engineering (R0)
