Universiti Teknologi Malaysia Institutional Repository

Secure web application development prototype using Enterprise Security Application Programming interface (ESAPI)

Mohamed Rasheed, Abdul Barakath and Shanmugam, Bharanidharan and Samy, Ganthan Narayana and Maarop, Nurazean and Magalingam, Pritheega and Khar, Cheng Yeo and Azam, Sami (2017) Secure web application development prototype using Enterprise Security Application Programming interface (ESAPI). Asian Journal of Information Technology, 16 (1). pp. 7-13. ISSN 1682-3915

Official URL: http://docsdrive.com/pdfs/medwelljournals/ajit/201...

Abstract

The web application has been playing a key role in the development of modern society. Unlike traditional applications, modern web applications are generally more exposed to untrusted users, data and transmission medium. According to a Cenzic 2014 report, 96% of all applications tested in 2013 have one or more serious security vulnerabilities. The root causes behind these vulnerabilities are lack of application security awareness, design flaws and secure coding. Furthermore, developers frequently see functionality as more important than security. Therefore, this study proposed a simple implementation of the single security Application Programming Interface (API) that could minimize web application security flaws and prevent critical malicious attacks. A prototype application is developed with Open Web Application Security Project (OWASP) enterprise security application API based on Rapid Application Development (RAD) methodology. Thus, this study has been carried out with an aim to fill the gap between web application development and application security domain.

Item Type: Article
Uncontrolled Keywords: Web application security risks, Rapid Application Development (RAD), Application Programming Interface (API), Enterprise Security Application Programming Interface (ESAPI)
Subjects: T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK5015.888 Web sites
Divisions: Advanced Informatics School
ID Code: 81195
Deposited By: Fazli Masari
Deposited On: 24 Jul 2019 11:37
Last Modified: 24 Jul 2019 11:37