Security of Java based AJAX frameworks: Security challenges in the Web 2.0 era - Softcover

Raffer, Georg

 
9783639141924: Security of Java based AJAX frameworks: Security challenges in the Web 2.0 era

Synopsis

Unfortunately, while AJAX incorporates the best capabilities of both thick-client and thin-client architectures, it is vulnerable to the same attacks that affect both types of applications. Thick-client applications are insecure because they could be decompiled and analyzed by an attacker. The same problem exists with AJAX applications - in fact even more so, because in most cases the attacker does not even need to go to the effort of decompiling the program. Knowing the attack surface and the architectural weakness of a chosen AJAX framework lays the foundation for a software architect to design and develop secure and enterprise-ready AJAX web applications. This paper does not only discuss general vulnerabilities of AJAX-based web applications, but reflects these in a real-world example showing the attack surface for applications built with state-of-the-art AJAX frameworks like JBoss Seam and Google Web Toolkit. The findings of this paper help software architects and developers to get a practical understanding of potential attacks. They are a contribution to increase the security of web applications.

The information provided in the "Synopsis" section may refer to another edition of this title.

About the author

Being active in the Internet business since 2001, my professional interests are focused on development and design of secure enterprise applications based on Java technology. After finishing my INFORMATION MANAGEMENT studies in 1999 I continued to focus on security relevant topics and finished my second studies ADVANCED SECURITY ENGINEERING in 2008.

The information provided in the "About the book" section may refer to another edition of this title.