Sciweavers

COMSIS
2006

Common Web Application Attack Types and Security Using ASP.NET

13 years 11 months ago
Common Web Application Attack Types and Security Using ASP.NET
Web applications security is one of the most daunting tasks today, because of security shift from lower levels of ISO OSI model to application level, and because of current situation in IT environment. ASP.NET offers powerful mechanisms to render these attacks futile, but it requires some knowledge of implementing Web application security. This paper focuses on attacks against Web applications, either to gain direct benefit by collecting private information or to disable target sites. It describes the two most common Web application attacks: SQL Injection and Cross Site Scripting, and is based on author's perennial experience in Web application security. It explains how to use ASP.NET to provide Web applications security. There are some principles of strong Web application security which make up the part of defense mechanisms presented: executing with least privileged account, securing sensitive data (connection string) and proper exception handling (where the new approach is pres...
Bojan Jovicic, Dejan Simic
Added 11 Dec 2010
Updated 11 Dec 2010
Type Journal
Year 2006
Where COMSIS
Authors Bojan Jovicic, Dejan Simic
Comments (0)