Title :

Insight into Web Application Attack Vectors

Lecturer(s) :

Dr Poonam Rani Gupta

Dr P R Gupta has more than 20 years of experience in academics and research. She holds an M.Tech from IIT Delhi and a Ph.D. in Computer Sc & Engg from KNIT, Sultanpur. Presently, she is working as Associate Professor at CDAC, Noida. Her research interests include ubiquitous computing, artificial intelligence, information security, open source systems, e-governance and IPR issues. A localized live CD version of Linux, namely Abhigyan, has been developed by her team for Hindi, Bengali, Tamil and Punjabi. Her group is also working on developing tools for physically challenged people. She also received the UNESCO/ROSTSCA young scientist award in 1990 for her research work in the field of IT.

 

Mr P Govind Raj

P Govind Raj is a project engineer at CDAC, Noida. His research interests include ubiquitous computing, e-security and open source systems. He has been involved in the development of ABHIGYAN, a live CD version of Linux with Indian language support. Presently he is coordinating the BOSS Primary Resource Centre at CDAC.

 

Affiliation(s) :

Center for Development of Advanced Computing
C-56/1 & B-30, Sector 62, Noida, India
0120-3063375

Audience :

People who use web based applications
Web Application Developers
Web Application Architects
Faculty members interested in setting up labs focusing on Web Application security

Description :

The World Wide Web is growing at a very fast pace. In November 1992, there were only 23 web servers; by 2006 the figure had gone up to 80 million hostnames. The growth of the WWW was not only in the number of web servers but also in the purpose it served. From a platform for sharing information, it has become a platform for hosting applications. This trend will grow as more of Web 2.0 becomes evident. The convenience of the web comes with an equal share of risk. Issues of confidentiality, integrity and availability of information, identity theft, and non-availability of service are some of the additional risks associated with the convenience of the WWW.

If we look at conventional security, many solutions exist for network security: firewalls, IDS, vulnerability scanners, patches and hardening solutions, VPNs, etc. Security controls such as ACLs, buffer overflow guards, the principle of least privilege, and libraries and frameworks are available for traditional software. For the web, there are not enough security controls, as it is still an evolving medium for many applications.

Another major reason for insecure web applications is that web application developers are usually not trained on security issues, and most security personnel are not web application developers. Through this tutorial we intend to make web application developers aware of the various security issues involved in web application development. The tutorial will focus on various issues of web application security and the corresponding attack vectors. WebScarab, a tool for performing different types of security testing on web applications and web services, will also be demonstrated.

 
Jaypee Institute of Information Technology University
A-10, Sector 62, Noida-201307, Uttar Pradesh, India
Copyright © 2007 All Rights Reserved.
