- -

Improving security of web applications based on mainstream technology

RiuNet: Repositorio Institucional de la Universidad Politécnica de Valencia

Compartir/Enviar a

Citas

Estadísticas

  • Estadisticas de Uso

Improving security of web applications based on mainstream technology

Mostrar el registro sencillo del ítem

Ficheros en el ítem

dc.contributor.advisor García Valls, María Soledad es_ES
dc.contributor.author Song, Linxuan es_ES
dc.date.accessioned 2022-05-10T14:51:07Z
dc.date.available 2022-05-10T14:51:07Z
dc.date.created 2022-05-05 es_ES
dc.date.issued 2022-05-10 es_ES
dc.identifier.uri http://hdl.handle.net/10251/182467
dc.description.abstract [ES] There is an enormous quantity of web applications with little or no security configurations at all that are accessible through the Internet. Many of these were academic exercises that were engineered from a purely functional perspective; this leads to poorly specialized configurations and to a lack of security. Many of these applications have been later abandoned by their programmers or simply kept as initially deployed, whereas being still public and fully accessible. On the one hand, the project focuses on the stydy and analysis of selected state of the art web technologies and some of their related security flaws. As web programming technologies evolve, new flaws appear; and also appear the recommended programming patterns to overcome these flaws. Overall, cibersecurity in web systems is a dynamic and evolving process that requires much effort in continuous analysis of systems, of web programming tools, and systems prototyping. For this purpose, an initial basic set up of a web server will be put in place to analyze selected flaws on the field and selected common security missconfigurations. This work will be exemplified on a prototype application comprising a server and a set of IoT nodes monitored by the server. This basic prototype will help to illustrate some security missconfigurations that are frequent and part of OWASP Top 10. Then, a set of recommendations for their configuration and public set up will be designed and programmed. es_ES
dc.description.abstract [EN] There is an enormous quantity of web applications with little or no security configurations at all that are accessible through the Internet. Many of these were academic exercises that were engineered from a purely functional perspective; this leads to poorly specialized configurations and to a lack of security. Many of these applications have been later abandoned by their programmers or simply kept as initially deployed, whereas being still public and fully accessible. On the one hand, the project focuses on the stydy and analysis of selected state of the art web technologies and some of their related security flaws. As web programming technologies evolve, new flaws appear; and also appear the recommended programming patterns to overcome these flaws. Overall, cibersecurity in web systems is a dynamic and evolving process that requires much effort in continuous analysis of systems, of web programming tools, and systems prototyping. For this purpose, an initial basic set up of a web server will be put in place to analyze selected flaws on the field and selected common security missconfigurations. This work will be exemplified on a prototype application comprising a server and a set of IoT nodes monitored by the server. This basic prototype will help to illustrate some security missconfigurations that are frequent and part of OWASP Top 10. Then, a set of recommendations for their configuration and public set up will be designed and programmed. en_EN
dc.format.extent 65 es_ES
dc.language Inglés es_ES
dc.publisher Universitat Politècnica de València es_ES
dc.rights Reserva de todos los derechos es_ES
dc.subject Web application es_ES
dc.subject Security es_ES
dc.subject Web technologies es_ES
dc.subject JavaScript es_ES
dc.subject Python es_ES
dc.subject Flask es_ES
dc.subject HTML es_ES
dc.subject CSS es_ES
dc.subject Fog computing es_ES
dc.subject IoT es_ES
dc.subject.classification INGENIERIA TELEMATICA es_ES
dc.subject.other Grado en Ingeniería de Tecnologías y Servicios de Telecomunicación-Grau en Enginyeria de Tecnologies i Serveis de Telecomunicació es_ES
dc.title Improving security of web applications based on mainstream technology es_ES
dc.type Proyecto/Trabajo fin de carrera/grado es_ES
dc.rights.accessRights Abierto es_ES
dc.contributor.affiliation Universitat Politècnica de València. Departamento de Comunicaciones - Departament de Comunicacions es_ES
dc.contributor.affiliation Universitat Politècnica de València. Escuela Técnica Superior de Ingenieros de Telecomunicación - Escola Tècnica Superior d'Enginyers de Telecomunicació es_ES
dc.description.bibliographicCitation Song, L. (2022). Improving security of web applications based on mainstream technology. Universitat Politècnica de València. http://hdl.handle.net/10251/182467 es_ES
dc.description.accrualMethod TFGM es_ES
dc.relation.pasarela TFGM\148331 es_ES


Este ítem aparece en la(s) siguiente(s) colección(ones)

Mostrar el registro sencillo del ítem