Web Applications Security Assessment in the Portuguese World Wide Web Panorama

  • Conference paper

Part of the book series: Communications in Computer and Information Science (CCIS, volume 72)

Abstract

Following the EU Information and Communication Technologies agenda, the Portuguese Government has started the creation of many applications, enabling electronic interaction between individuals, companies and the public administration: the e-Government. Due to the Internet's open nature and the sensitivity of the data that those applications have to handle, it is important to ensure and assess their security. Financial institutions, such as banks, that nowadays use the WWW as a communication channel with their customers face the same challenges.

The main objective of this paper is to introduce a work that will be performed to assess the security of the financial and public administration sectors' web applications. In this paper the authors describe the rationale behind this work, which involves the selection of a set of key financial and public administration web applications, the definition and application of a security assessment methodology, and the evaluation of the assessment results.

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Teodoro, N., Serrão, C. (2010). Web Applications Security Assessment in the Portuguese World Wide Web Panorama. In: Serrão, C., Aguilera Díaz, V., Cerullo, F. (eds) Web Application Security. IBWAS 2009. Communications in Computer and Information Science, vol 72. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16120-9_17

  • DOI: https://doi.org/10.1007/978-3-642-16120-9_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16119-3

  • Online ISBN: 978-3-642-16120-9

  • eBook Packages: Computer Science, Computer Science (R0)
