Abstract
Web applications have become crucial components in providing services on the internet. At the same time, vulnerabilities are severely affecting the functioning of web applications. Web applications may expose organizations to significant risk if they are not properly protected. Several hardware-dependent solutions exist, but hardware maintenance is a big problem. This paper proposes a new approach of locking the restricted or confidential pages with an authentication page. This would prevent unauthorised direct access to the restricted pages by a malicious user, thereby keeping the confidential information secure.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Padmaja, K., Nageswara Rao, K., Murthy, J.V.R. (2014). Defending Approach against Forceful Browsing in Web Applications. In: Satapathy, S., Avadhani, P., Udgata, S., Lakshminarayana, S. (eds) ICT and Critical Infrastructure: Proceedings of the 48th Annual Convention of Computer Society of India- Vol II. Advances in Intelligent Systems and Computing, vol 249. Springer, Cham. https://doi.org/10.1007/978-3-319-03095-1_71
DOI: https://doi.org/10.1007/978-3-319-03095-1_71
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-03094-4
Online ISBN: 978-3-319-03095-1
eBook Packages: Engineering, Engineering (R0)