Relevant bibliographies by topics / Web Applications; Storage; Security

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Web Applications; Storage; Security'

Author: Grafiati
Published: 4 June 2021
Last updated: 18 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Web Applications; Storage; Security.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Web Applications; Storage; Security"

1

Lyba, M. V., and L. Uhryn. "MODERN TOOLS FOR SECURITY TESTING FROM OWASP." Bulletin of Lviv State University of Life Safety 22 (December 28, 2020): 18–22. http://dx.doi.org/10.32447/20784643.22.2020.03.

Full text
Abstract:
With the development of information technology, humanity is increasingly delving into the world of gadgets, cloud technology, virtual reality, and artificial intelligence. Through web applications, we receive and distribute information, including confidential. During the pandemic, most people switched to online work and study. As a result, most of the data stored on personal computers, company servers, and cloud storage needs protection from cyberattacks. The problem of cybersecurity at the moment is incredibly relevant due to the hacking of cryptocurrencies, websites of ministries, bitcoin wallets or social network accounts. It is necessary to conduct high-quality testing of developed applications to detect cyber threats, to ensure reliable protection of different information. The article states that when testing applications, it checks for vulnerabilities that could arise as a result of incorrect system setup or due to shortcomings in software products. The use of innovation is necessary to improve quality. Modern realities have become a challenge for the development of cybersecurity products. Improvement of technology requires modern companies to update their IT systems and conduct regular security audits. The research is devoted to the analysis of modern OWASP testing tools that contribute to data security, with a view to their further use. The Open Web Application Security Project is an open security project. The research revealed a list of the most dangerous vectors of attacks on Web-applications, in particular, OWASP ZAP performs analyzes the sent and received data system security scanning at the primary level, MSTG performs security testing of mobile applications iOS and Android mobile devices. The practical result of the work is to test a specially developed web-application and identify vulnerabilities of different levels of criticality.
APA, Harvard, Vancouver, ISO, and other styles
2

Xie, Guo Bo, and Bing Ying Yao. "The Fingerprint Identification Technology is Applied to the Application Research of Web Cloud Storage Safety Certification." Applied Mechanics and Materials 536-537 (April 2014): 161–67. http://dx.doi.org/10.4028/www.scientific.net/amm.536-537.161.

Full text
Abstract:
In view of the authentication model based on token and password of traditional web cloud storage easily is forgotten or theft that raise questions about identity theft. This paper proposes a identity authentication scheme of web cloud storage based on fingerprint identification. Using the identity authentication model of fingerprint identification to verify web cloud storage users that satisfy people to the web of cloud storage security, reliability and convenience of the proposed requirements, effectively solve the problem of the resource of unauthorized access. The paper put forward three layers of c/s architecture that effectively improve the flexibility, scalability and efficiency of authentication system. And mixed encryption algorithm is put forward as two-way authentication identity authentication protocol improve system security and realize high transmission of huge amounts of data. Finally through the test and analysis of practical application proves that the security authentication based on fingerprint identification applying in the web cloud storage certification system is feasible.
APA, Harvard, Vancouver, ISO, and other styles
3

Huang, Lin Na. "Research and Application of Web Database Security Technology." Applied Mechanics and Materials 380-384 (August 2013): 2306–11. http://dx.doi.org/10.4028/www.scientific.net/amm.380-384.2306.

Full text
Abstract:
With the wide application of Web technology, Web database system is playing an increasingly important role in network application. The storage amount of Web database information is growing, at the same time, the security of Web database has been facing extremely daunting challenges. How to strengthen the security of Web database system has become an important issue of network researches. This paper has introduced implementation techniques of database security, described the sub-key encryption algorithm of database in details, and applied it to the management system of information student.
APA, Harvard, Vancouver, ISO, and other styles
4

Tofan, Dragoş Ovidiu. "Business Intelligence Security." Review of Economic and Business Studies 9, no. 1 (June 1, 2016): 157–69. http://dx.doi.org/10.1515/rebs-2016-0030.

Full text
Abstract:
AbstractExcess information characteristic to the current environment leads to the need for a change of the organizations’ perspective and strategy not only through the raw data processing, but also in terms of existing applications generating new information. The overwhelming evolution of digital technologies and web changes led to the adoption of new and adapted internal policies and the emergence of regulations at level of governments or different social organisms. Information security risks arising from the current dynamics demand fast solutions linked to hardware, software and also to education of human resources. Business Intelligence (BI) solutions have their specific evolution in order to bring their contribution to ensure the protection of data through specific components (Big Data, cloud, analytics). The current trend of development of BI applications on mobile devices brings with it a number of shortcomings related to information security and require additional protective measure regarding flows, specific processing and data storage.
APA, Harvard, Vancouver, ISO, and other styles
5

Srinivasu, N., O. Sree Priyanka, M. Prudhvi, and G. Meghana. "Multilevel classification of security threats in cloud computing." International Journal of Engineering & Technology 7, no. 1.5 (December 31, 2017): 253. http://dx.doi.org/10.14419/ijet.v7i1.5.9157.

Full text
Abstract:
Cloud Security was provided for the services such as storage, network, applications and software through internet. The Security was given at each layer (Saas, Paas, and Iaas), in each layer, there are some security threats which became the major problem in cloud computing. In Saas, the security issues are mainly present in Web Application services and this issue can be overcome by web application scanners and service level agreement(SLA). In Paas, the major problem is Data Transmission. During transmission of data, some data may be lost or modified. The PaaS environment accomplishes proficiency to some extent through duplication of information. The duplication of information makes high accessibility of information for engineers and clients. However, data is never fully deleted instead the pointers to the data are deleted. In order to overcome this problem the techniques that used are encryption[12], data backup. In Iaas the security threat that occurs in is virtualization and the techniques that are used to overcome the threats are Dynamic Security Provisioning(DSC), operational security procedure, for which Cloud Software is available in the market, for e.g. Eucalyptus, Nimbus 6.
APA, Harvard, Vancouver, ISO, and other styles
6

Patel, Iishi, Sambhav Jain, J. K. Vishwajeet, Vibhuti Aggarwal, and Pragati Mehra. "Securing Electronic Healthcare Records in Web Applications." International Journal of Engineering and Advanced Technology 10, no. 5 (June 30, 2021): 236–42. http://dx.doi.org/10.35940/ijeat.e2781.0610521.

Full text
Abstract:
In such an unfortunate situation of a medical emergency, a lot of people tend to lose their lives which can be a result of misplaced/delayed paperwork. Thus it is essential to have the patient’s medical record history before going into major surgery and it is often unavailable at the required time due to the chain of communication between different hospitals. As a possible solution to this problem we propose a central chain of all medical records of a patients in an electronic format. The electronic health records (EHRs) are patient-centered, real-time records that make information available to authorized users and help doctors diagnose cases more quickly, reduce medical errors, and deliver safer care. EHRs improve the communication gap and make the process of getting medical attention quicker. Our methodology includes an easy to use 2 module approach (doctor portal and patient portal) with multiple sub modules all linked to a common database. We create a secure and centralized database for EHRs with an easy approach and manageable methodology. Security is important in our use case and we thus include- Secure authentication (and verification of doctor’s ID while creating a new account) , two factor authentication and OTP verification while accessing patient reports. We are using block chain for safely storing multiple patient records for maintaining a safe storage of multiple records. The doctors will be able to access the patients with few clicks and verification and understand the patient background. This will majorly help in maintaining records, accessing prescription and getting an overview of the patient's medical history while saving a lot of manual paper work.
APA, Harvard, Vancouver, ISO, and other styles
7

Vivek Tammineedi, Venkata Satya, and V. N. Rajavarman. "A Novel Analysis of Advanced Visual Cryptography Techniques for Providing Security Against Web Attacks Using Support Vector Machine Technique." Journal of Computational and Theoretical Nanoscience 17, no. 5 (May 1, 2020): 2097–114. http://dx.doi.org/10.1166/jctn.2020.8855.

Full text
Abstract:
In today’s internet applications such as some real time application services like core banking and other public service oriented application have been major issue in authentication of user specification. To perform online dictionary attacks, passwords have been used for security and authentication mechanism. Present days, hacking of databases on web oriented applications is unavoidable to access them easily. Data maintenance is a complex task in internet applications. To solve these type of problems in internet applications, in this paper, we proposed a novel Integrated and Dynamic CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) (I&D CAPTCHA), which is extension version of existing CAPTCHA that valuated third party human attacks in internet applications based Visual Cryptography approach to discuss about authentication problem in real time applications. There is more number of methods presented for security in advanced pictures for insurance from inventive uninvolved or dynamic assaults in system correspondence environment. Like insightful Visual Cryptographic (VC) is a cutting edge strategy, which is utilized to mystery picture safely impart furthermore keep up to privacy. To proceed with difficulties of security in advanced picture information sharing, so in this paper we break down various VC security instruments for computerized picture information offering to regard tomystery information secrecy. Our examination give effective security answers for relative mystery advanced picture information imparting to correspondence progressively environment. Security aspects are main concepts in present days because of increasing statistical data storage. In Artificial Intelligence (AI) oriented applications, it is very difficult in terms of protection to increasing new aspects in real time world. So we also plan a Novel and Advanced Security system to enable solution for basic AI problems in this paper. This framework mainly works based on Captcha as visual security passwords (CaRP); it is two way communication plan which means that, it is the combination of Captcha and visual security plan. Our approach mainly worked with image security with respect to selection of passwords based on random way. In this paper, we also propose AMODS, an adaptive system that periodically updates the detection model to detect the latest unknown attacks. We also propose an adaptive learning strategy, called SVM HYBRID, leveraged by our system to minimize manual work. Our system out performs existing web attack detectionmethods, with an F-value of 94.79% and FP rate of 0.09%. The total number of malicious queries obtained by SVM HYBRID is 2.78 times that by the popular Support Vector Machine Adaptive Learning (SVMAL) method. The malicious queries obtained can be used to update the Web Application Firewall (WAF) signature library.
APA, Harvard, Vancouver, ISO, and other styles
8

Shinde, Rucha, Shruti Patil, Ketan Kotecha, and Kirti Ruikar. "Blockchain for Securing AI Applications and Open Innovations." Journal of Open Innovation: Technology, Market, and Complexity 7, no. 3 (August 14, 2021): 189. http://dx.doi.org/10.3390/joitmc7030189.

Full text
Abstract:
Nowadays, open innovations such as intelligent automation and digitalization are being adopted by every industry with the help of powerful technology such as Artificial Intelligence (AI). This evolution drives systematic running processes, involves less overhead of managerial activities and increased production rate. However, it also gave birth to different kinds of attacks and security issues at the data storage level and process level. The real-life implementation of such AI-enabled intelligent systems is currently plagued by the lack of security and trust levels in system predictions. Blockchain is a prevailing technology that can help to alleviate the security risks of AI applications. These two technologies are complementing each other as Blockchain can mitigate vulnerabilities in AI, and AI can improve the performance of Blockchain. Many studies are currently being conducted on the applicability of Blockchains for securing intelligent applications in various crucial domains such as healthcare, finance, energy, government, and defense. However, this domain lacks a systematic study that can offer an overarching view of research activities currently going on in applying Blockchains for securing AI-based systems and improving their robustness. This paper presents a bibliometric and literature analysis of how Blockchain provides a security blanket to AI-based systems. Two well-known research databases (Scopus and Web of Science) have been examined for this analytical study and review. The research uncovered that idea proposals in conferences and some articles published in journals make a major contribution. However, there is still a lot of research work to be done to implement real and stable Blockchain-based AI systems.
APA, Harvard, Vancouver, ISO, and other styles
9

Kellezi, Deina, Christian Boegelund, and Weizhi Meng. "Securing Open Banking with Model-View-Controller Architecture and OWASP." Wireless Communications and Mobile Computing 2021 (September 21, 2021): 1–13. http://dx.doi.org/10.1155/2021/8028073.

Full text
Abstract:
In 2015, the European Union passed the PSD2 regulation, with the aim of transferring ownership of bank accounts to the private person. As a result, Open Banking has become an emerging concept, which provides third-party financial service providers open access to bank APIs, including consumer banking, transaction, and other financial data. However, such openness may also incur many security issues, especially when the data can be exposed by an API to a third party. Focused on this challenge, the primary goal of this work is to develop one innovative web solution to the market. We advocate that the solution should be able to trigger transactions based on goals and actions, allowing users to save up money while encouraging positive habits. In particular, we propose a solution with an architectural model that ensures clear separation of concern and easy integration with Nordea’s (the largest bank in the Nordics) Open Banking APIs (sandbox version), and a technological stack with the microframework Flask, the cloud application platform Heroku, and persistent data storage layer using Postgres. We analyze and map the web application’s security threats and determine whether or not the technological frame can provide suitable security level, based on the OWASP Top 10 threats and threat modelling methodology. The results indicate that many of these security measures are either handled automatically by the components offered by the technical stack or are easily preventable through included packages of the Flask Framework. Our findings can support future developers and industries working with web applications for Open Banking towards improving security by choosing the right frameworks and considering the most important vulnerabilities.
APA, Harvard, Vancouver, ISO, and other styles
10

Ahirwar, Dr Anamika, Nikita Prajapat, and Simran Raj. "AN ANALYTICAL STUDY ON CLOUD COMPUTING." BSSS journal of computer 12, no. 1 (June 30, 2021): 30–35. http://dx.doi.org/10.51767/jc1204.

Full text
Abstract:
This paper is about the An Analytical Study on Cloud Computing. Cloud computing is the development of parallel computing, grid computing, distributed computing, and virtualization technologies which define the shape of a new area. In contrast to a variety of benefits related with cloud computing, there are certain challenges as well. These challenges include security, privacy and reliability of data, high costs of data transfers, and regularity in the availability of services, and bugs in large-scale distributed systems. Cloud computing is a method of computing in a place that provides users with the ability of information technology as a service and allows them to have access to these services on the Internet without having limited information. Cloud computing can help businesses transform their closing server infrastructures into dynamic environments, expanding and reducing server capacity depending on their demand. Cloud is a image to describe web as a space where computing has been pre-installed and close as a service; data, operating systems, applications, storage and processing power close on the web ready to be shared. In cloud computing data owners expand their complex data management systems from community sites to the public cloud for great pliability and cost-effective. The searching of this study that highlight there are five main issues related with cloud computing execution which are Mobility and Cloud Government Application security issues, Cloud Security data, cloud security platform, Cloud Security Services and Application, cloud network security issues and infrastructure issues.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Web Applications; Storage; Security"

1

Lin, Wenghui. "Data Security Enhancement for Web Applications Using Cryptographic Back-end Store." Scholarly Repository, 2009. http://scholarlyrepository.miami.edu/oa_theses/235.

Full text
Abstract:
Conventional storage technologies do not always give sufficient guarantees of security for critical information. Databases and file servers are regularly compromised, with consequential theft of identities and unauthorized use of sensitive information. Some cryptographic technologies increase the security guarantees, but rely on a key, and key secrecy and maintenance are difficult problems. Meanwhile, there is an accelerating trend of moving data from local storage to Internet storage. As a result, automatic security of critical information without the need for key management promises to be an important technology for Web Applications. This thesis presents such solution for Internet data storage that uses a secret sharing scheme. The shared secrets are packaged as JSON objects and delivered to various endpoints using HTTP semantics. A shopping website is developed to demonstrate the solution.
APA, Harvard, Vancouver, ISO, and other styles
2

Prabhakara, Deepak. "Web Applications Security : A security model for client-side web applications." Thesis, Norwegian University of Science and Technology, Department of Telematics, 2009. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-8962.

Full text
Abstract:

The Web has evolved to support sophisticated web applications. These web applications are exposed to a number of attacks and vulnerabilities. The existing security model is unable to cope with these increasing attacks and there is a need for a new security model that not only provides the required security but also supports recent advances like AJAX and mashups. The attacks on client-side Web Applications can be attributed to four main reasons – 1) lack of a security context for Web Browsers to take decisions on the legitimacy of requests, 2) inadequate JavaScript security, 3) lack of a Network Access Control and 4) lack of security in Cross-Domain Web Applications. This work explores these four reasons and proposes a new security model that attempts to improve overall security for Web Applications. The proposed security model allows developers of Web Applications to define fine-grained security policies and Web Browsers enforce these rules; analogous to a configurable firewall for each Web Application. The Browser has disallows all unauthorized requests, thus preventing most common attacks like Cross-Site Script Injections, Cross-Frame Scripting and Cross-Site Tracing. In addition the security model defines a framework for secure Cross-Domain Communication, thus allowing secure mashups of Web Services. The security model is backward compatible, does not affect the current usability of the Web Applications and has cross-platform applicability. The proposed security model was proven to protect against most common attacks, by a proof-of-concept implementation that was tested against a comprehensive list of known attacks.

APA, Harvard, Vancouver, ISO, and other styles
3

Svartberg, Anja. "Security in Offline Web Applications." Thesis, Norges Teknisk-Naturvitenskaplige Universitet, Institutt for elektronikk og telekommunikasjon, 2009. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-10003.

Full text
Abstract:

Offline Web applications are increasingly popular. The possibility to have both the advantages of Web applications and traditional desktop applications is exiting. An offline Web application can be accessed from all computers, with any operating system, as well as offering to store information locally, giving the user the opportunity to use the application when the user does not have Internet access. The concept of offline Web applications is tempting, but it is important to integrate security in the process of making them. The users rely on a high level of security. In this thesis I have looked specifically on how the persistent client-side storage needed for offline storage for the offline Web application can be compromised due to security vulnerabilities on the Web server. I have performed a literature review to gather information on the topic of security in offline Web applications, and it was found that there has not been much previous research in this area. Two technologies for realization of offline Web applications were reviewed: HTML5 and Google Gears. Following, a Web server was set up, and two test applications with offline capabilities, representing the two chosen technologies, were put on the Web server. A set of security tests were performed on these test applications to reveal possible vulnerabilities in having persistent client-side storage. The results of the security testing demonstrate the consequences of having security weaknesses in Web servers hosting offline Web applications. If there is one cross-site scripting vulnerability on the Web server, an attacker can attack the persistent client-side storage: steal, change, delete or add information related to the offline Web application. Some thoughts on possible consequences of attacks on the hosting Web server are also given. A comparison between Google Gears and HTML5 was performed, and it was found that some of the design choices in Google Gears help provide a higher level of security in offline Web applications. Some strategies for testing the security of offline Web applications are suggested, focused on cross-site scripting vulnerabilities. The work in this thesis underlines the importance of including security in the process of developing and deploying offline Web applications. It shows the large consequences that can result from small security vulnerabilities present in the hosting Web server. Introductorily, the advantages of offline Web applications were discussed. The work presented here shows that the increasing use of offline Web applications relies on a high focus on security in order to keep the users' information safe.

APA, Harvard, Vancouver, ISO, and other styles
4

Ge, Xiaocheng. "Agile security for Web applications." Thesis, University of York, 2007. http://etheses.whiterose.ac.uk/11071/.

Full text
Abstract:
Web-based applications (or more concisely, Web applications) are a kind of information system with a particular architecture. They have progressively evolved from Internet browser-based, read-only information repositories to Web-based distributed systems. Today, increasing numbers of businesses rely on their Web applications. At the same time, Web applications are facing many security challenges and, as a result, are exposing businesses to many risks. This thesis proposes a novel approach to building secure Web applications using agile software development methods.
APA, Harvard, Vancouver, ISO, and other styles
5

Erdogan, Gencer. "Security Testing of Web Based Applications." Thesis, Norwegian University of Science and Technology, Department of Computer and Information Science, 2009. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-9993.

Full text
Abstract:

Web applications are becoming more and more popular in means of modern information interaction, which leads to a growth of the demand of Web applications. At the same time, Web application vulnerabilities are drastically increasing. This will inevitably expose more Web application users to malicious attacks, causing them to lose valuable information or be harmed in other ways. One of the most important software security practices that is used to mitigate the increasing number of vulnerabilities is security testing. The most commonly applied security testing methodologies today are extensive and are sometimes too complicated with their many activities and phases. Because of this complexity, developers very often tend to neglect the security testing process. Today, there is only a few security testing methodologies developed especially for Web applications and their agile development environment. It is therefore necessary to give attention to security testing methodologies for Web applications. A survey of state-of-the-art security testing methodologies for Web applications is performed. Based on some predefined criterions, Agile Security Testing is selected as the most adequate security testing methodology for Web applications, and is further extended to support all the predefined criterions. Furthermore, the extended Agile Security Testing methodology (EAST) is integrated into the Software Development Life Cycle applied by the Administrative Information Services group at the Department of General Infrastructure Services at CERN−The European Organization for Nuclear Research. Finally, by using the EAST methodology and the security testing methodology applied by the AIS group (which is an ad hoc way of performing security tests), an evaluation of the EAST methodology compared to existing ad hoc ways of performing security tests is made. The security testing process is carried out two times using the EAST methodology and two times using the ad hoc approach. In total, 9 vulnerability classes are tested. The factors that are used to measure the efficiency is: (1) the amount of time spent on the security testing process, (2) the amount of vulnerabilities found during the security testing process and (3) the ability to mitigate false-positives during the security testing process. The results show that the EAST methodology is approximately 21% more effective in average regarding time spent, approximately 95% more effective regarding the amount of vulnerabilities found, and has the ability to mitigate false-positives, compared to existing ad hoc ways of performing security tests. These results show that structured security testing of Web applications is possible not being too complicated with many activities and phases. Furthermore, it mitigates three important factors that are used as basis to neglect the security testing process. These factors are: The complexity of the testing process, the “too time-consuming” attitude against security testing of Web applications and that it’s considered to lack a significant payoff.

APA, Harvard, Vancouver, ISO, and other styles
6

Srilatha, Rondla, and Gande Someshwar. "Security Testing for Web Applications in SDLC." Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-2903.

Full text
Abstract:
Context: In Web applications, the Software vulnerability can be reduced by applying security testing in all phases of the software development life cycle (SDLC). Lot of vulnerabilities might occur if the security testing is applied in the last phase of SDLC. In order to mitigate these vulnerabilities, a lot of rework is required that involves reverse engineering in the development and design phases. To overcome this situation, organizations are shifting from security testing (performed in last phase) towards security testing in the early phases of SDLC. Objectives: The main objectives of this thesis are to gather the benefits and challenges of security testing in the last phase versus security testing in every phase of the SDLC. After gathering, authors want to compare both implementations because these days most organizations are shifting from last phase to every phase of SDLC. Justification to the reason can be achieved by this comparison. Methods: In order to satisfy the objectives of this thesis, a literature review and interviews were conducted. The literature review was conducted by gathering benefits and challenges of last phase and every phase of SDLC. Authors have applied coding technique to the data gathered from literature review. By using the results from literature review, a set of questions were framed. Based on these questions, interviews in various organizations were performed. To analyze the practitioner’s data we used Sorting and Coding technique. Then, we conducted a comparative analysis to compare both results. Results: Application of security testing in the last phase of the SDLC results in a lot of rework which in turn leads to instability in managing the cost, time and resources in an organisation. In order to overcome this, more and more organisations are introducing security testing at each and every phase of SDLC. Conclusions: It can be concluded that every phase of security testing in SDLC has more benefits than applying in last phase of SDLC. To evaluate this process more research is needed to acquire more knowledge of security testing in all phases of SDLC. Through literature review and interviews conducted, it is evident that security testing at early phases causes a reduction in rework which in turn leads to more efficient management of cost, time and resources of a project.
+91 8977404640
APA, Harvard, Vancouver, ISO, and other styles
7

Singh, Kapil. "Designing security policies and frameworks for web applications." Diss., Georgia Institute of Technology, 2011. http://hdl.handle.net/1853/41122.

Full text
Abstract:
The new developments behind Web 2.0 have increased the complexity of web systems making the task of securing these systems a challenging problem. As a result, end-to-end security for web access has been hindered by the limitations of current web security policies and by the lack of systems that enable effective enforcement of policies. The focus of this dissertation is on how new tools and frameworks may be designed to aid the protection of web systems by acting as policy specification and enforcement points. In particular, we develop a set of policies and frameworks for three web players--the user, the web browser and the web application--that determine the end-to-end security of web content. Our contributions include a framework for users to specify security policies, a platform to enforce user policies for third-party applications, a systematic analysis of browser policy issues, and a mechanism to provide improved end-to-end security/integrity guarantees.
APA, Harvard, Vancouver, ISO, and other styles
8

Mundada, Yogesh. "Building data-centric security mechanisms for web applications." Diss., Georgia Institute of Technology, 2016. http://hdl.handle.net/1853/55013.

Full text
Abstract:
Data loss from web applications at different points of compromise has become a major liability in recent years. Existing security guidelines, policies, and tools fail often, ostensibly for reasons stemming from blatant disregard of common practice to subtle exploits originating from complex interactions between components. Current security mechanisms focus on “how to stop illicit data transfer”(i.e., the “syntax”), and many tools achieve that goal in principle. Yet, the practice of securing data additionally depends on allowing administrators to clearly specify “what data should be secured” (i.e., the “semantics”). Currently, translation from “security semantics” to “security syntax” is manual, time­consuming, and ad hoc. Even a slight oversight in the translation process could render the entire system insecure. Security semantics frequently need modifications due to changes in various external factors such as policy changes, user reclassification, and even code refactoring. This dissertation hypothesizes that adaptation to such changes would be faster and less error prone if the tools also focused on automating translation from semantics to syntax, in addition to simply executing the syntax. With this approach, we build following low ­maintenance security tools that prevent unauthorized sensitive data transfer at various vantage points in the World Wide Web ecosystem. We show how the security tools can take advantage of inherent properties of the sensitive information in each case, making the translation process automatic and faster: ● Appu, a tool that automatically finds personal information(semantics) spread across web services, and suggests actions(syntax) to minimize data loss risks. ● Newton, a tool that formalizes the access control model using web cookies. Using this formal approach, it improves the security of the existing session management techniques by detecting(semantics) and protecting(syntax) privileged cookies without requiring input from the site administrator. ● SilverLine, a system for cloud­based web services that automatically derives data exfiltration rules(syntax) from the information about sensitive database tables & inter­table relationships(semantics). Then, it executes these rules using information flow control mechanism.
APA, Harvard, Vancouver, ISO, and other styles
9

Ur-Rehman, Wasi. "Maintaining Web Applications Integrity Running on RADIUM." Thesis, University of North Texas, 2015. https://digital.library.unt.edu/ark:/67531/metadc804975/.

Full text
Abstract:
Computer security attacks take place due to the presence of vulnerabilities and bugs in software applications. Bugs and vulnerabilities are the result of weak software architecture and lack of standard software development practices. Despite the fact that software companies are investing millions of dollars in the research and development of software designs security risks are still at large. In some cases software applications are found to carry vulnerabilities for many years before being identified. A recent such example is the popular Heart Bleed Bug in the Open SSL/TSL. In today’s world, where new software application are continuously being developed for a varied community of users; it’s highly unlikely to have software applications running without flaws. Attackers on computer system securities exploit these vulnerabilities and bugs and cause threat to privacy without leaving any trace. The most critical vulnerabilities are those which are related to the integrity of the software applications. Because integrity is directly linked to the credibility of software application and data it contains. Here I am giving solution of maintaining web applications integrity running on RADIUM by using daikon. Daikon generates invariants, these invariants are used to maintain the integrity of the web application and also check the correct behavior of web application at run time on RADIUM architecture in case of any attack or malware. I used data invariants and program flow invariants in my solution to maintain the integrity of web-application against such attack or malware. I check the behavior of my proposed invariants at run-time using Lib-VMI/Volatility memory introspection tool. This is a novel approach and proof of concept toward maintaining web application integrity on RADIUM.
APA, Harvard, Vancouver, ISO, and other styles
10

Ngu, Phuc Huy. "Web applications - New mobile service paradigm." Thesis, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, 2012. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-19040.

Full text
Abstract:
The explosion of mobile applications both in number and variety raises the need of shedding light on their architecture, composition and quality. Indeed, it is crucial to understand which mobile application paradigm fits better to what type of application and usage. Such understanding has direct consequences on the user experience, the development cost and sale revenues of mobile apps. In this thesis, we identify four main mobile application paradigms and evaluate them from the viewpoints of developers, users and service providers. To ensure objectivity and accuracy we start by defining high level criteria and then breaking down into finer-grained criteria. After a theoretical evaluation an implementation was carried out as a practical verification to ensure that the method adopted in analysis and evaluation is trusted and applicable. The selected application is object recognition app, which is both exciting and challenging to develop.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Books on the topic "Web Applications; Storage; Security"

1

Lipyeow, Lim, Wang Wei, Li Chuan, Chen Lei, and SpringerLink (Online service), eds. Web-Age Information Management: 13th International Conference, WAIM 2012, Harbin, China, August 18-20, 2012. Proceedings. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

Testing Web security: Assessing the security of Web sites and applications. Indianapolis, Ind: Wiley, 2002.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
3

Splaine, Steve. Testing web security: Assessing the security of web sites and applications. Indianapolis: Wiley, 2002.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

Mike, Shema, ed. Hacking exposed: Web applications. New York: McGraw-Hill/Osborne, 2002.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
5

Scambray, Joel. Hacking exposed: Web applications. New York: McGraw-Hill/Osborne, 2002.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

The tangled Web: A guide to securing modern Web applications. San Francisco: No Starch Press, 2011.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

Vincent, Liu, and Sima Caleb, eds. Hacking exposed: Web applications : web application security secrets and solutions. 3rd ed. New York: McGraw-Hill, 2011.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
8

Wang, Jianyong. Web-Age Information Management: 14th International Conference, WAIM 2013, Beidaihe, China, June 14-16, 2013. Proceedings. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
9

Andreu, Andres. Professional pen testing for Web applications. Indianapolis, Ind: Wiley Pub., 2006.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
10

Bill, Ballad, ed. Securing PHP web applications. Upper Saddle River, NJ: Addison-Wesley, 2009.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
More sources

Book chapters on the topic "Web Applications; Storage; Security"

1

Xu, Guosheng, Zhimin Wu, Chengze Li, Jinghua Yan, Jing Yuan, Zhiyong Wang, and Lu Wang. "Method of Deep Web Collection for Mobile Application Store Based on Category Keyword Searching." In Security, Privacy, and Anonymity in Computation, Communication, and Storage, 325–35. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-24907-6_25.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Reagan, Rob. "Azure Table Storage." In Web Applications on Azure, 139–85. Berkeley, CA: Apress, 2017. http://dx.doi.org/10.1007/978-1-4842-2976-7_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Reagan, Rob. "Azure Data Storage Overview." In Web Applications on Azure, 61–76. Berkeley, CA: Apress, 2017. http://dx.doi.org/10.1007/978-1-4842-2976-7_3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Win, Khin-Myo, Wee-Keong Ng, and Ee-Peng Lim. "ENAXS: Efficient Native XML Storage System." In Web Technologies and Applications, 59–70. Berlin, Heidelberg: Springer Berlin Heidelberg, 2003. http://dx.doi.org/10.1007/3-540-36901-5_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Wen, Mi, Shui Yu, Jinguo Li, Hongwei Li, and Kejie Lu. "Big Data Storage Security." In Big Data Concepts, Theories, and Applications, 237–55. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-27763-9_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Cerullo, Fabio E. "Deploying Secure Web Applications with OWASP Resources." In Web Application Security, 21. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-16120-9_11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Gong, Fengguang, Wenting Huang, Hao Luo, and Hailong Zhu. "DNFStore:A Distributed Netflow Storage System Supports Fast Retrieval." In Web Technologies and Applications, 158–66. Cham: Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-11119-3_15.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Lee, Ho Jung, and Jung Hwan Song. "Designing Security Auditing Protocol with Web Browsers." In Information Security Applications, 364–76. Berlin, Heidelberg: Springer Berlin Heidelberg, 2006. http://dx.doi.org/10.1007/11604938_29.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Hu, Xiangyu, Haiwei Zhang, and Xiaojie Yuan. "A Compact XML Storage Scheme Supporting Efficient Path Querying." In Web Technologies and Applications, 711–18. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012. http://dx.doi.org/10.1007/978-3-642-29253-8_68.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Choi, Dae-Sik, Eul Gyu Im, and Cheol-Won Lee. "Intrusion-Tolerant System Design for Web Server Survivability." In Information Security Applications, 124–34. Berlin, Heidelberg: Springer Berlin Heidelberg, 2004. http://dx.doi.org/10.1007/978-3-540-24591-9_10.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Web Applications; Storage; Security"

1

Hassan, Sabri, and Günther Pernul. "Efficiently Managing the Security and Costs of Big Data Storage using Visual Analytics." In iiWAS '14: The 16th International Conference on Information Integration and Web-based Applications & Services. New York, NY, USA: ACM, 2014. http://dx.doi.org/10.1145/2684200.2684333.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Wang, Yazhe, Shunan Ma, and Lei Ren. "A Security Framework for Cloud Manufacturing." In ASME 2014 International Manufacturing Science and Engineering Conference collocated with the JSME 2014 International Conference on Materials and Processing and the 42nd North American Manufacturing Research Conference. American Society of Mechanical Engineers, 2014. http://dx.doi.org/10.1115/msec2014-4082.

Full text
Abstract:
Cloud manufacturing has been considered as a promising new service-oriented manufacturing paradigm that can transform traditional industry. However security is one of the major issues which hamper the growth of cloud manufacturing industry. In this paper, we analyze the cloud manufacturing security issues and challenges, and propose a security framework for cloud manufacturing, which includes four levels: infrastructure security, identity and access management, data protection and security, and cloud security as a service. The Infrastructure security level can ensure an organization’s core IT infrastructure security at the network, host, and application levels; Identity and access management level can improve operational efficiency and to comply with privacy and data protection requirements; Data protection and security level can help users evaluate their data security scenarios and make informed judgments regarding risk for their organizations; security as a service level, which includes web security service, storage security service and IAM(Identity and Access Management) service, would extract security functions and capacities to assemble software as a service. The cloud manufacturing security framework we proposed can resolve the security issues and improve the security performance of cloud manufacturing industry.
APA, Harvard, Vancouver, ISO, and other styles
3

Zheng, Zhihao, Yao Zhang, Vinay Gurram, Jose Salazar Useche, Isabella Roth, and Yi Hu. "Best Practices in Designing and Implementing Cloud Authentication Schemes." In 7th International Conference on Advances in Computer Science and Information Technology (ACSTY 2021). AIRCC Publishing Corporation, 2021. http://dx.doi.org/10.5121/csit.2021.110307.

Full text
Abstract:
At present, the development and innovation in any business/engineering field are inseparable from the computer and network infrastructure that supports the core business. The world has been turning into an era of rapid development of information technology. Every year, there are more individuals and companies that start using cloud storages and other cloud services for computing and information storage. Therefore, the security of sensitive information in cloud becomes a very important challenge that needs to be addressed. The cloud authentication is a special form of authentication for today’s enterprise IT infrastructure. Cloud applications communicate with the LDAP server which could be an on-premises directory server or an identity management service running on cloud. Due to the complex nature of cloud authentication, an effective and fast authentication scheme is required for successful cloud applications. In this study, we designed several cloud authorization schemes to integrate an onpremises or cloud-based directory service with a cloud application. We also discussed the pros and cons of different approaches to illustrate the best practices on this topic.
APA, Harvard, Vancouver, ISO, and other styles
4

Jain, Vijay, and Amol Kolambkar. "Modeling Web Attachment Storage for Web Applications." In 2014 21st Asia-Pacific Software Engineering Conference (APSEC). IEEE, 2014. http://dx.doi.org/10.1109/apsec.2014.24.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Tanaskovic, Tamara M., and Miodrag Z. Zivkovic. "Security principles for web applications." In 2011 19th Telecommunications Forum Telfor (TELFOR). IEEE, 2011. http://dx.doi.org/10.1109/telfor.2011.6143843.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Kushe, Renelada. "Security Assessment of Web Applications." In University for Business and Technology International Conference. Pristina, Kosovo: University for Business and Technology, 2017. http://dx.doi.org/10.33107/ubt-ic.2017.189.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Liu, Muyang, Ke Li, and Tao Chen. "Security testing of web applications." In GECCO '19: Genetic and Evolutionary Computation Conference. New York, NY, USA: ACM, 2019. http://dx.doi.org/10.1145/3319619.3322026.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Matsumoto, Shinichi, and Kouichi Sakurai. "Acquisition of Evidence of Web Storage in HTML5 Web Browsers from Memory Image." In 2014 Ninth Asia Joint Conference on Information Security (ASIA JCIS). IEEE, 2014. http://dx.doi.org/10.1109/asiajcis.2014.30.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Yadav, Divyani, Deeksha Gupta, Dhananjay Singh, Devendra Kumar, and Upasana Sharma. "Vulnerabilities and Security of Web Applications." In 2018 4th International Conference on Computing Communication and Automation (ICCCA). IEEE, 2018. http://dx.doi.org/10.1109/ccaa.2018.8777558.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Teodoro, Nuno, and Carlos Serrao. "Assessing the Portuguese Web applications security." In 2011 World Congress on Internet Security (WorldCIS-2011). IEEE, 2011. http://dx.doi.org/10.1109/worldcis17046.2011.5749875.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Web Applications; Storage; Security"

1

The Path Toward a Hydrogen Economy: How Industry Can Broaden the Use of Hydrogen. King Abdullah Petroleum Studies and Research Center, November 2020. http://dx.doi.org/10.30573/ks--2020-wb10.

Full text
Abstract:
In the past couple of years, it became evident that hydrogen would need to play a pivotal role in a carbon-free energy system. It would help decarbonize hard-to-abate sectors and act as an energy carrier to manage large variability in renewable energy production and enhance energy security. In most cases, its transportation and storage over a certain distance and timeframe is cheaper than that of electricity. For hydrogen to make an impact, it needs to expand its utility beyond its existing applications.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Web Applications; Storage; Security' for particular source types:
Journal articles Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography