liu.seSearch for publications in DiVA
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Investigating the current state of securityfor small sized web applications
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
2012 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

It is not uncommon to read about hacker attacks in the newspaper today. The hackers are targeting governments and enterprises, and motives vary. It may be political or economic reasons, or just to gain reputation. News about smaller systems is, unsurprisingly, not as common. Does this mean that security is less relevant of smaller systems? This report investigates the threat model of smaller web applications, to answer that very question.Different attacks are described in the detail needed for explaining their threat but the intention is not to teach the reader to write secure code. The report does, however, provide the reader with a rich source of references for that purpose. After describing some of the worst threats, the general cloud threat model is analyzed. This is followed by a practical analysis of a cloud system, and the report is closed with general strategies for countering threats.The severe destruction that a successful attack may cause and the high prevalence of those attacks motivates some security practices to be performed whenever software is produced. Attacks against smaller companies are more common now than ever before

Place, publisher, year, edition, pages
2012. , 46 p.
Keyword [en]
security, internet, cloud, threat, xss, xsrf, cross site, sql injection, cookie
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:liu:diva-89160ISRN: LIU-IDA/LITH-EX-A--12/072--SEOAI: oai:DiVA.org:liu-89160DiVA: diva2:607549
External cooperation
XDIN Linköping
Subject / course
Information Technology
Uppsok
Technology
Supervisors
Examiners
Available from: 2013-02-26 Created: 2013-02-24 Last updated: 2013-02-26Bibliographically approved

Open Access in DiVA

fulltext(1089 kB)351 downloads
File information
File name FULLTEXT01.pdfFile size 1089 kBChecksum SHA-512
142fe971c198d252d99fa49df3a319370eaf565289b3b8ad7310ea946bb725d7ea86eb5792c5f5dfc0290d1045664db9d09b19a2abf94f312c88949f27976176
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Lundberg, Karl Johan
By organisation
Database and information techniquesThe Institute of Technology
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 351 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 253 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf