Lade Inhalt...

Application Level Security Management

Diplomarbeit 2005 106 Seiten

Informatik - Internet, neue Technologien

Zusammenfassung

Inhaltsangabe:Abstract:
Today, more and more enterprises are developing business applications for Internet usage, which results in the exposure of their sensitive data not only to customers, and business partners but also to hackers. Because web applications provide the interface between users sitting somewhere within the World Wide Web and enterprises’ backend-resources, hackers can execute sophisticated attacks that are almost untraceable, aiming to steal, modify or delete enterprises‘ vital data, even when it is protected by passwords or encryption.
As recent viruses and worms such as Nimda, CodeRed or MSBlast have shown, modern attacks are occurring at the application itself, since this is where high-value information is most vulnerable. Such attack scenarios a becoming very problematic nowadays, since traditional network security products such as firewalls or network intrusion detection systems are completely blind to those malicious activities and therefore can not offer any protection at all. Modern protection mechanisms require more sophisticated detection capabilities in order to protect enterprises assets from such attacks now and in the future.
Additionally web application security currently is a highly dynamic and also very emerging field within enterprises’ IT security activities. Therefore this diploma thesis aims to provide a strong focussed picture on the current state of web application security and its different possibilities to raise the overall security level of already implemented web applications and also of future web applications.
Acting as a basis for further analysis, the currently most common web application vulnerabilities are described to get an overview of what a web application has to be protected of and where the root problems of these weaknesses are lying. Although these generic categories may not be applicable to every actually implemented web application, they may be used as baseline for future web applications.
Armed with the background of the current vulnerabilities and their related root causes, a detailed analysis of currently available countermeasures will provide recommendations that may be taken at each of the certain stages of a web application’s lifecycle. Since all further decisions generally should be based upon risk evaluations of specifically considered systems, a possible risk management assessment methodology is provided within the thesis.
Controls and countermeasures are provided from an […]

Details

Seiten
106
Erscheinungsform
Originalausgabe
Jahr
2005
ISBN (eBook)
9783832487058
ISBN (Buch)
9783838687056
Dateigröße
3.3 MB
Sprache
Englisch
Katalognummer
v223681
Institution / Hochschule
Hochschule für Technik, Wirtschaft und Gestaltung Konstanz – unbekannt
Note
1,3
Schlagworte
application firewall internet security intrusion prevention software development lifecycle

Autor

Teilen

Zurück

Titel: Application Level Security Management