查詢結果分析
來源資料
頁籤選單縮合
題 名 | 網站安全之研究與系統開發=The Research of the Web Application Security and the Development of Audit Testing Framework |
---|---|
作 者 | 雲首博; 黃培銘; 林佳霖; 陳彥仲; 周國森; 施君熹; 張光耀; | 書刊名 | 電信研究 |
卷 期 | 38:1 2008.02[民97.02] |
頁 次 | 頁1-20 |
分類號 | 312.76 |
關鍵詞 | 網站安全; 網路安全; 資訊安全; Web application testing; SQL injection; XSS; Cross-site script; Vulnerability; Security; DOM; Document object model; JDBC; Java database connectivity; XSLT; Extensible stylesheet language transformations; Complete crawling; |
語 文 | 中文(Chinese) |
中文摘要 | 隨著網際網路(Web)應用服務平臺的持續開發及技術不斷的演進,系統平臺複雜度也隨之提升,我們也可以發現在網際網路上,有越來越多大型且複雜的應用服務平臺。然而,這些系統的開發階段週期很短,很難完善的兼顧資訊安全,往往存在某些安全上的漏洞。駭客最常利用這些Web應用服務平臺的漏洞,直接存取企業網站的後端伺服器資料。因此,確保資訊安全如何落實在應用服務平臺,是很重要的課題。本文探討Web應用服務平臺面臨的資訊安全議題,並實作「資安弱點檢測系統」。 |
英文摘要 | As a large and complicated web application platform, the World Wide Web is capable of delivering a broad range of sophisticated web applications. However, many web applications go through rapid development phases with extremely short turnaround time, making it difficult to eliminate vulnerabilities. Web applications vulnerabilities are by far the most common target of attacks on enterprise information systems because they provide direct access to back-end infrastructure and data. How to protect web application system is very important. The information protection of web application framework in security research and the development of audit testing framework in web application security assessment are described in this paper. |
本系統中英文摘要資訊取自各篇刊載內容。