Tuesday, August 27, 2019

Web Server Application Attacks Research Paper Example | Topics and Well Written Essays - 1250 words

Web Server Application Attacks - Research Paper Example A command injection attack refers to an attack aimed at compromising the sensitive information featured in the back end database that supports the interactive aspects of a web application. Included under this category are issues like cross-site scripting (XSS) and Structured Query Language (SQL) injection. To curb this attack, organizations need to plan and address the security matters that pertain to their web solutions during web development or planning stages. Examples of such approaches would be to hire web application developers with proper knowledge on use of more sophisticated database capabilities like stored procedures to reside in the back end database system or the concept of data objects when writing APIs to access the database system that supports the web utilities. Equally, XSS issues can be handled by employing Model Viewer Controller (MVC) frameworks like Codeignitor while developing web applications. Such frameworks have in-built capabilities to suppress the efforts of clients who try to launch XSS attacks. A precaution taken during the development or planning of a web application is worthwhile for the reason that security issues are harder to handle once a system is deployed or implemented. The third type of attack that targets web servers is interception of unencrypted information that is channeled in communication sessions that take place between the client browsers and the servers. One way to combat this problem is to use Secure Socket Layer (SSL) in web-centered communication. SSL helps in creating an encrypted link between client-server communications. In particular, the concept uses SSL certificates (typically methods like symmetric and asymmetric encryption) to transfer sensitive information like social security numbers and credit card numbers. In the diagram, the server first sends a copy that bears its asymmetric

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.