![Some technologies are often developed to take care of the different tasks of a website. Thus web
applications have been used increasingly to provide critical security services
Results
So final the result is that the web applications are more safe and reliable than web services on internet.
So it is our responsibility to use web application because web application were controlled by the owner
who gave protection to web application. So I would be said to author that you make tiny changes in
research article which is that the organization must start a campaign on start in web application over
web services. but in the other hand I also said that when you use web application keep in mind that
there are some application which are really a harmful for us. That these types of applications are made
by the author who is not officially recommended by play store. So that play store or a window do not
take responsibilities when the owner data stole or hack.
Conclusion
Cyber security concerns have increased rapidly in recent years and are raising serious doubts regarding
an emerging part of the global economy. Critical web applications quality cannot be separated from
security problems. In those all research articles I see the web security and frameworks and there
security problem. Security must be present in every critical web application as it is a quality measure
every user take as granted. Some well-defined frameworks, which integrate security with the SDLC,
were explained in this paper. Web applications are nowadays the gateway between people and
everyday operations with the entire world. This must be understood, and therefore, quality standards
must be raised, which from our point of view, it can only happen with the increase of security. Security
Reference
{ 1] V. B. Livshits and M. S. Lam, “Finding security vulnerabilities in java applications with static analysis.”
in Usenix Security, vol. 2013, 2005.
[2] M. Curphey and R. Arawo, “Web application security assessment tools,”
IEEE Security & Privacy, vol. 4, no. 4, pp. 32–41, 2006.
[3] Waleed Alrodhan, Identity management systems, Digital Identity and Access Management:
Technologies and Frameworks (2011) 209.
[4] Rohan Amin, Julie Ryan, Johan van Dorp, Detecting targeted malicious email, Security & Privacy, IEEE
10 (3) (2012) 64–71.
[5] A. Anitha, V. Vaidehi, Context based application level intrusion detection system, in: International
conference on Networking and Services, 2006,
ICNS’06, IEEE, 2006, p. 16.](https://image.slidesharecdn.com/fa17-bscs-359-hcnreviewpaper-converted-200625130157/85/Review-Paper-Research-Articles-2-320.jpg)
![[6] MARK CURPHEY ET AL.; A guide to building secure web applications; referenced
on 9.10.2002; 2002.
URL http://www.owasp.org/guide/
[7] CERT; Advisory ca-2000-02: malicious html tags embedded in client web requests;
referenced on 5.10.2002; 2000.
URL http://www.cert.org/advisories/CA-2000-02.html
[8] W. Stallings, Network security essentials: applications and standards.
Pearson Education India, 2007.
[9] T. Dierks, “The transport layer security (tls) protocol version 1.2,” 2008.
[10] S. McClure, J. Scambray, G. Kurtz, and Kurtz, Hacking exposed:
network security secrets and solutions. McGraw-Hill/Osborne New
York, 2005.
[11] Q. Inc. (2015) Ssl server rating guide. [Online]. Available: https:
//www.ssllabs.com/
[12] OWASP (2010a). OWASP Top 10 - 2010, The Ten Most Critical Web
Application Security Risks. OW ASP.
[13] OWASP (2010b). Owasp web site. http://www.owasp.org/. (Access
date: IS June 2011).
[14] OWASP (20 IOc). Software Assurance Maturity Model - A guide to
building security into software development - version 1.0. OWASP.
[ IS] OWASP (2011a). Owasp code review project.
http://www.owasp.orglindex.php/Category: OWASPCodeReviewPro
ject. (Access date: IS June 2011).
[16] OWASP (201Ib). Owasp live
http://www.owasp.orglindex.php/Category:](https://image.slidesharecdn.com/fa17-bscs-359-hcnreviewpaper-converted-200625130157/85/Review-Paper-Research-Articles-3-320.jpg)
![(Access date: IS June 20 I I).
cd project.
OW ASPLiveCDProject.
[17] OWASP (201Ic). Owasp threat risk modeling.
http://www.owasp.orglindex.php/ ThreatRiskModeling. (Access date: IS
June 2011).
[18] Simplex (2010). Simplex web-site. http://www.simplex.ptlindex.asp.
(Access date: IS June 2011).
[19] Striletchi, C. and Vaida, M.-F. (2003). Enhancing the secu- rity of web
applications. In Information Technology Interfaces, 2003. IT! 2003.
Proceedings of the 25th International Conference on, pages 463 - 468.
[20] Trifonov, G. (2009). Reducing the number of security vul- nerabilitiesin
web applications by improving software quality. In IEEE 5th
International Symposium on Applied Computational Intelligence and
Informatics, pages 51-54. IEEE.](https://image.slidesharecdn.com/fa17-bscs-359-hcnreviewpaper-converted-200625130157/85/Review-Paper-Research-Articles-4-320.jpg)
Review Paper ( Research Articles )
- 1. Review Paper Author Abdul Razzaq ⇑, Khalid Latif, H. Farooq Ahmad, Ali Hur, Zahid Anwar, Peter Charles Bloods worth School of Electrical Engineering and Computer Science, National University of Science and Technology, Islamabad, Pakistan Nuno Theodoro , ISCTE-IUL School of Technology and Architecture, ISCTE-IUL Lisbon University Institute Carlos Serrao, ISCTE-IUL School of Technology and Architecture ISCTE-IUL Lisbon University Institute Ye Zhu, Electrical and Computer Engineering Department, Cleveland State University, Cleveland, OH, USA Abstract we will outline the major security vulnerabilities found in modern web applications. We will then present and evaluate several tools available for assessing web application. Security and for unveiling the presence of these vulnerabilities. Some of the tools assessed the security of a whole site comprehensively while others were created for a more specific task. Providing Web Application Security for an organization that engages in electronic business is a huge and complex task. The Internet, and in particular the World Wide Web, have become one of the most common communication mediums in the World. Millions of users connect everyday to different web-based applications to search for information, exchange messages, interact with each other, conduct business, pay taxes, perform financial operations and many more. Strong security in web applications is critical to the success of your online presence. Security importance has grown massively, especially among web applications. Introduction In This Topic We Discussed On Web Applications Security And To Protect Ourselves From Harmful Activities And Hackers. Because In This World We Have A Lot Of Issues To Face. Because The World Transfer The Old Generation To A Next Generation So That Is Why Our Data Would Be Unsafe Because To Much Load/Data On Internet. So There Is A lot Of Organization In The World Who Work For The Privacy Of There own Companies And There Employees Because Of Hackers And harmful Traffic In Internet Which Disturb The Data of The Organizations And May Case To Hack The Complete Website And Stole The Important And Secret Information. So The Mostly companies of the world should be transferred to an application stage so because there is a less level of chances to hack the applications so In Complete and finally we said that privacy of web applications are more important than other issues Most businesses depend on the power of websites to interact with their customers and sell products.
- 2. Some technologies are often developed to take care of the different tasks of a website. Thus web applications have been used increasingly to provide critical security services Results So final the result is that the web applications are more safe and reliable than web services on internet. So it is our responsibility to use web application because web application were controlled by the owner who gave protection to web application. So I would be said to author that you make tiny changes in research article which is that the organization must start a campaign on start in web application over web services. but in the other hand I also said that when you use web application keep in mind that there are some application which are really a harmful for us. That these types of applications are made by the author who is not officially recommended by play store. So that play store or a window do not take responsibilities when the owner data stole or hack. Conclusion Cyber security concerns have increased rapidly in recent years and are raising serious doubts regarding an emerging part of the global economy. Critical web applications quality cannot be separated from security problems. In those all research articles I see the web security and frameworks and there security problem. Security must be present in every critical web application as it is a quality measure every user take as granted. Some well-defined frameworks, which integrate security with the SDLC, were explained in this paper. Web applications are nowadays the gateway between people and everyday operations with the entire world. This must be understood, and therefore, quality standards must be raised, which from our point of view, it can only happen with the increase of security. Security Reference { 1] V. B. Livshits and M. S. Lam, “Finding security vulnerabilities in java applications with static analysis.” in Usenix Security, vol. 2013, 2005. [2] M. Curphey and R. Arawo, “Web application security assessment tools,” IEEE Security & Privacy, vol. 4, no. 4, pp. 32–41, 2006. [3] Waleed Alrodhan, Identity management systems, Digital Identity and Access Management: Technologies and Frameworks (2011) 209. [4] Rohan Amin, Julie Ryan, Johan van Dorp, Detecting targeted malicious email, Security & Privacy, IEEE 10 (3) (2012) 64–71. [5] A. Anitha, V. Vaidehi, Context based application level intrusion detection system, in: International conference on Networking and Services, 2006, ICNS’06, IEEE, 2006, p. 16.
- 3. [6] MARK CURPHEY ET AL.; A guide to building secure web applications; referenced on 9.10.2002; 2002. URL http://www.owasp.org/guide/ [7] CERT; Advisory ca-2000-02: malicious html tags embedded in client web requests; referenced on 5.10.2002; 2000. URL http://www.cert.org/advisories/CA-2000-02.html [8] W. Stallings, Network security essentials: applications and standards. Pearson Education India, 2007. [9] T. Dierks, “The transport layer security (tls) protocol version 1.2,” 2008. [10] S. McClure, J. Scambray, G. Kurtz, and Kurtz, Hacking exposed: network security secrets and solutions. McGraw-Hill/Osborne New York, 2005. [11] Q. Inc. (2015) Ssl server rating guide. [Online]. Available: https: //www.ssllabs.com/ [12] OWASP (2010a). OWASP Top 10 - 2010, The Ten Most Critical Web Application Security Risks. OW ASP. [13] OWASP (2010b). Owasp web site. http://www.owasp.org/. (Access date: IS June 2011). [14] OWASP (20 IOc). Software Assurance Maturity Model - A guide to building security into software development - version 1.0. OWASP. [ IS] OWASP (2011a). Owasp code review project. http://www.owasp.orglindex.php/Category: OWASPCodeReviewPro ject. (Access date: IS June 2011). [16] OWASP (201Ib). Owasp live http://www.owasp.orglindex.php/Category:
- 4. (Access date: IS June 20 I I). cd project. OW ASPLiveCDProject. [17] OWASP (201Ic). Owasp threat risk modeling. http://www.owasp.orglindex.php/ ThreatRiskModeling. (Access date: IS June 2011). [18] Simplex (2010). Simplex web-site. http://www.simplex.ptlindex.asp. (Access date: IS June 2011). [19] Striletchi, C. and Vaida, M.-F. (2003). Enhancing the secu- rity of web applications. In Information Technology Interfaces, 2003. IT! 2003. Proceedings of the 25th International Conference on, pages 463 - 468. [20] Trifonov, G. (2009). Reducing the number of security vul- nerabilitiesin web applications by improving software quality. In IEEE 5th International Symposium on Applied Computational Intelligence and Informatics, pages 51-54. IEEE.