Details

Autor(en) / Beteiligte

• Guamán, Daniel
• Guamán, Franco
• Jaramillo, Danilo
• Correa, Roddy
• Rocha, Álvaro
• Correia, Ana Maria
• Adeli, Hojjat
• Reis, Luis Paulo
• Mendonça Teixeira, Marcelo

Titel

Implementation of Techniques, Standards and Safety Recommendations to Prevent XSS and SQL Injection Attacks in Java EE RESTful Applications

Ist Teil von

• New Advances in Information Systems and Technologies, p.691-706

Ort / Verlag

Cham: Springer International Publishing

Link zum Volltext

Quelle

Alma/SFX Local Collection

Beschreibungen/Notizen

• There are recommendations and tools, given by OWASP that suggest basic techniques of prevention and protection of computer attacks over web applications where the common types of attacks are XSS and SQL Injection; for that reasons, we apply recommendations and good practice to minimize this kind of attacks; used some tools to validate automatically attacks and built some expressions to validate manually the intrusions in web applications. Therefore, this study was based on the development of a prototype under REST, design pattern Facade, Java EE and Glassfish [13]. With the development of the prototype it was found that by the use of standards and norms recommend by OWASP the security in terms of overall design and source code in web applications can be greatly improved.