首页    期刊浏览 2024年11月23日 星期六
登录注册

文章基本信息

  • 标题:Developing a Secure Web Application Using OWASP Guidelines
  • 本地全文:下载
  • 作者:Khairul Anwar Sedek ; Norlis Osman ; Mohd Nizam Osman
  • 期刊名称:Computer and Information Science
  • 印刷版ISSN:1913-8989
  • 电子版ISSN:1913-8997
  • 出版年度:2009
  • 卷号:2
  • 期号:4
  • 页码:137
  • DOI:10.5539/cis.v2n4P137
  • 出版社:Canadian Center of Science and Education
  • 摘要:Developing a secure Web application is very difficult task. Therefore developers need a guideline to help them to develop a secure Web application. Guideline can be used as a checklist for developer to achieve minimum standard of secure Web application. This study evaluates how good is OWASP guideline in helping developer to build secure Web application. The developed system is then tested using code auditing and penetration testing to identify the achievement of the system security for the application. After applying the testing techniques from Open Source Security Testing Methodology (OSSTMM) on the Top Ten Critical vulnerabilities as defined by OWASP, a standard measure score are calculated. The score is used to decide on the level of security of the developed web application. A high percentage score would indicate that the guideline helps in building a secured web application. Hence, the result proved that OWASP guideline is effective in ensuring the trustworthiness of the system and can be used as referral by other web developer especially in developing applications for a university.
国家哲学社会科学文献中心版权所有