Towards a Pattern Language for Security Risk Analysis of Web Applications
نویسندگان
چکیده
This article introduces a pattern language for security risk analysis of web applications in an example driven manner. The example patterns presented include a composite pattern and three basic patterns, namely a security requirements pattern, a web application design pattern and a risk analysis model pattern. The pattern language is intended to be used as a guideline to capture the security risk picture of a web application in a light weighted way with extended user groups, especially in the early phase of the software development life cycle.
منابع مشابه
Using Web Services to Build Grid Applications - The No Risk WSGAF Profile
This document presents design pattern recommendations for building Grid applications based on the principles of service orientation and using existing Web Services technologies. The design pattern described in this document is a subset of the Web Services Grid Application Framework (WSGAF) approach to building Grid applications since it only focuses on the use of the Web Services Interoperabili...
متن کاملImpact of Using Web-quests on Learning Vocabulary by Iranian Pre-university Students
Web-quests are internet-based technology applications in which groups of students follow a specific set of steps toward the completion of a final project on a specific subject or a multi-disciplinary subject. The present study aimed to investigate the impacts of using web-quests on learning vocabulary by Iranian pre-university students. The sample of the study consisted of 72 students assigned ...
متن کاملImpact of Using Web-quests on Learning Vocabulary by Iranian Pre-university Students
Web-quests are internet-based technology applications in which groups of students follow a specific set of steps toward the completion of a final project on a specific subject or a multi-disciplinary subject. The present study aimed to investigate the impacts of using web-quests on learning vocabulary by Iranian pre-university students. The sample of the study consisted of 72 students assigned ...
متن کاملVulnerability of Web-Storage in HTML5 for Web and Mobile Application
HTML5 is not a new version of the existing markup language, but a new paradigm for developing web and mobile applications where various new concepts are introduced to improve compatibility and usability. Web-Storage is the one of new features in HTML5 that enables effective client-side storage and retrieval of the frequently used data. However, it has significant security problems which need to...
متن کاملImproving Tor security against timing and traffic analysis attacks with fair randomization
The Tor network is probably one of the most popular online anonymity systems in the world. It has been built based on the volunteer relays from all around the world. It has a strong scientific basis which is structured very well to work in low latency mode that makes it suitable for tasks such as web browsing. Despite the advantages, the low latency also makes Tor insecure against timing and tr...
متن کامل