Security of Java based AJAX frameworks: Security challenges in the Web 2.0 era - Softcover

Raffer, Georg

9783639141924: Security of Java based AJAX frameworks: Security challenges in the Web 2.0 era

Softcover

ISBN 10: 363914192X ISBN 13: 9783639141924

Verlag: VDM Verlag Dr. M�ller, 2009

Alle Exemplare dieser ISBN-Ausgabe

0 Gebraucht

1 Neu

Von EUR 45,84

Unfortunately, while AJAX incorporates the bestcapabilities of both thick-client and thin-clientarchitectures, it is vulnerable to the same attacksthat affect both types of applications. Thick-clientapplications are insecure because they could bedecompiled and analyzed by an attacker. The sameproblem exists with AJAX applications - in fact evenmore so, because in most cases the attacker does noteven need to go to the effort of decompiling theprogram. Knowing the attack surface and thearchitectural weakness of a chosen AJAX frameworklays the foundation for a software architect todesign and develop secure and enterprise-ready AJAXweb applications. This paper does not only discussgeneral vulnerabilities of AJAX-based webapplications, but reflects these in a real-worldexample showing the attack surface for applicationsbuilt with state-of-the-art AJAX frameworks likeJBoss Seam and Google Web Toolkit. The findings ofthis paper help software architects and developers toget a practical understanding of potential attacks.They are a contribution to increase the security ofweb applications.

Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.

Rese�a del editor

Unfortunately, while AJAX incorporates the best capabilities of both thick-client and thin-client architectures, it is vulnerable to the same attacks that affect both types of applications. Thick-client applications are insecure because they could be decompiled and analyzed by an attacker. The same problem exists with AJAX applications - in fact even more so, because in most cases the attacker does not even need to go to the effort of decompiling the program. Knowing the attack surface and the architectural weakness of a chosen AJAX framework lays the foundation for a software architect to design and develop secure and enterprise-ready AJAX web applications. This paper does not only discuss general vulnerabilities of AJAX-based web applications, but reflects these in a real-world example showing the attack surface for applications built with state-of-the-art AJAX frameworks like JBoss Seam and Google Web Toolkit. The findings of this paper help software architects and developers to get a practical understanding of potential attacks. They are a contribution to increase the security of web applications.

Biograf�a del autor

Being active in the Internet business since 2001, my professionalinterests are focused on development and design of secureenterprise applications based on Java technology. After finishingmy INFORMATION MANAGEMENT studies in 1999 I continued to focus onsecurity relevant topics and finished my second studies ADVANCEDSECURITY ENGINEERING in 2008.

��ber diesen Titel� kann sich auf eine andere Ausgabe dieses Titels beziehen.