1. Repositori Institucional (O2)
  2. Recerca
  3. Tecnología y comunicación
  4. Informàtica, tecnologia i multimèdia
  5. Articles
Empreu aquest identificador per citar o enllaçar aquest ítem: http://hdl.handle.net/10609/1320
Registre complet de metadades
Camp DCValorLlengua/Idioma
dc.contributor.authorGarcia-Alfaro, Joaquin-
dc.contributor.authorNavarro-Arribas, Guillermo-
dc.contributor.otherUniversitat Oberta de Catalunya. K-ryptography and Information Security for Open Networks (KISON)-
dc.date.accessioned2010-02-16T11:56:43Z-
dc.date.available2010-02-16T11:56:43Z-
dc.date.issued2007-
dc.identifier.citationGARCIA-ALFARO, J.; NAVARRO, G. (2007). "Prevention of Cross-Site Scripting Attacks on Current Web Applications". Lecture Notes in Computer Science. 4804, p. 1.770-1.784. ISSN: 0302-9743.-
dc.identifier.issn0302-9743MIAR
-
dc.identifier.urihttp://hdl.handle.net/10609/1320-
dc.description.abstractSecurity is becoming one of the major concerns for web applications and other Internet based services, which are becoming pervasive in all kinds of business models and organizations. Web applications must therefore include, in addition to the expected value offered to their users, reliable mechanisms to ensure their security. In this paper, we focus on the specific problem of preventing cross-site scripting attacks against web applications. We present a study of this kind of attacks, and survey current approaches for their prevention. The advantages and limitations of each proposal are discussed, and an alternative solution is introduced. Our proposition is based on the use of X.509 certificates, and XACML for the expression of authorization policies. By using our solution, developers and/or administrators of a given web application can specifically express its security requirements from the server side, and require the proper enforcement of such requirements on a compliant client. This strategy is seamlessly integrated in generic web applications by relaying in the SSL and secure redirect calls.en
dc.format.mimetypeapplication/pdf-
dc.language.isoeng-
dc.rightsThe original publication is available at http://www.springerlink.com/content/e9057385714r6171-
dc.subject.lcshInternet -- Security measuresen
dc.subject.lcshComputer networks -- Security measuresen
dc.subject.lcshComputer securityen
dc.titlePrevention of Cross-Site Scripting Attacks on Current Web Applications-
dc.typeinfo:eu-repo/semantics/article-
dc.audience.mediatorTheme areas::Computer Science, Technology and Multimediaen
dc.subject.lemacInternet -- Mesures de seguretatca
dc.subject.lemacOrdinadors, Xarxes d' -- Mesures de seguretatca
dc.subject.lemacInformàtica -- Mesures de seguretatca
dc.subject.lcshesInternet -- Medidas de seguridades
dc.subject.lcshesOrdenadores, Redes de -- Medidas de seguridades
dc.subject.lcshesInformática -- Medidas de seguridades
dc.identifier.doi10.1007/978-3-540-76843-2_45-
dc.gir.idAR/0000001633-
Apareix a les col·leccions:Articles cientÍfics
Articles

Arxius per aquest ítem:
Arxiu Descripció MidaFormat 
GarciaAlfaro_LNCS2007_Prevention.pdf138,52 kBAdobe PDFThumbnail
Veure/Obrir
Mostrar el registre simplificat de l'ítem
Comparteix:
Impacte: Google Scholar Microsoft Academic
Exporta:
Consulta les estadístiques

Els ítems del Repositori es troben protegits per copyright, amb tots els drets reservats, sempre i quan no s’indiqui el contrari.