- ホーム
- > 洋書
- > ドイツ書
- > Mathematics, Sciences & Technology
- > Computer & Internet
- > internet, data communication, networks
Full Description
IBWAS 2009, the Iberic Conference on Web Applications Security, was the first international conference organized by both the OWASP Portuguese and Spanish ch- ters in order to join the international Web application security academic and industry communities to present and discuss the major aspects of Web applications security. There is currently a change in the information systems development paradigm. The emergence of Web 2. 0 technologies led to the extensive deployment and use of W- based applications and Web services as a way to develop new and flexible information systems. Such systems are easy to develop, deploy and maintain and they demonstrate impressive features for users, resulting in their current wide use. The "social" features of these technologies create the necessary "massification" effects that make millions of users share their own personal information and content over large web-based int- active platforms. Corporations, businesses and governments all over the world are also developing and deploying more and more applications to interact with their bu- nesses, customers, suppliers and citizens to enable stronger and tighter relations with all of them. Moreover, legacy non-Web systems are being ported to this new intrin- cally connected environment. IBWAS 2009 brought together application security experts, researchers, educators and practitioners from industry, academia and international communities such as OWASP, in order to discuss open problems and new solutions in application security. In the context of this track, academic researchers were able to combine interesting results with the experience of practitioners and software engineers.
Contents
Abstracts.- The OWASP Logging Project.- SQL Injection - How Far Does the Rabbit Hole Go?.- OWASP O2 Platform - Open Platform for Automating Application Security Knowledge and Workflows.- The Business of Rogueware.- Microsoft Infosec Team: Security Tools Roadmap.- Empirical Software Security Assurance.- Assessing and Exploiting Web Applications with the Open-Source Samurai Web Testing Framework.- Authentication: Choosing a Method That Fits.- Cloud Computing: Benefits, Risks and Recommendations for Information Security.- OWASP TOP 10 2009.- Deploying Secure Web Applications with OWASP Resources.- Thread Risk Modelling.- Protection of Applications at the Enterprise in the Real World: From Audits to Controls.- Papers.- A Semantic Web Approach to Share Alerts among Security Information Management Systems.- WASAT- A New Web Authorization Security Analysis Tool.- Connection String Parameter Pollution Attacks.- Web Applications Security Assessment in the Portuguese World Wide Web Panorama.- Building Web Application Firewalls in High Availability Environments.
