Presentation | 2010-03-04 Considerations on Web System Development Process against XSS worms Koji Hiyoshi, Kazuko Oyanagi, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | This study is the method of development a secure Web system against the XSS worms attack to exploit the XSS vulnerabilities The KSS worm uses the power of powerful Web browser's script engine. As a result, the XSS vulnerability has expanded the threat. In the beginning, I researched the mechanism and the threat of the XSS worm attack. Second, I researched the method that the developer doesn't make the XSS rulnerabilities and reduces damage to the XSS worms attack if the XSS vulnerabilities existed the web system. Results of the research, each measure has advantages and disadvantages. And I concluded that multiple layers of protective measures were effective against the XSS worms attack. I researched to improve web system development lifecycle to prevent XSS worm attack to examine it by actual development. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Cross Site Scripting / XSS Worm / Development Process / Security |
Paper # | IT2009-73,ISEC2009-81,WBS2009-52 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2010/2/25(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Considerations on Web System Development Process against XSS worms |
Sub Title (in English) | |
Keyword(1) | Cross Site Scripting |
Keyword(2) | XSS Worm |
Keyword(3) | Development Process |
Keyword(4) | Security |
1st Author's Name | Koji Hiyoshi |
1st Author's Affiliation | INSTITUTE of INFORMATION SECURITY() |
2nd Author's Name | Kazuko Oyanagi |
2nd Author's Affiliation | INSTITUTE of INFORMATION SECURITY |
Date | 2010-03-04 |
Paper # | IT2009-73,ISEC2009-81,WBS2009-52 |
Volume (vol) | vol.109 |
Number (no) | 445 |
Page | pp.pp.- |
#Pages | 8 |
Date of Issue |