Security in Open Source Web Content Management Systems

Typically, users of Web content management systems lack expert knowledge of the technology itself, let alone the security issues therein. Complicating the matter, WCMS vulnerabilities are attractive targets for potential attackers. A security analysis of two popular, open-source WCMSs exposed significant security holes, despite the obvious efforts of their developer communities. These vulnerabilities leave the applications and their nonexpert users open to exploitation.

[1]  Robert C. Newman Cybercrime, identity theft, and fraud: practicing safe internet - network security threats and vulnerabilities , 2006, InfoSecCD '06.

[2]  Erland Jonsson,et al.  Towards an integrated conceptual model of security and dependability , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[3]  Gary McGraw,et al.  Software Security: Building Security In , 2006, 2006 17th International Symposium on Software Reliability Engineering.

[4]  David Budgen,et al.  Software design , 2020, International computer science series.

[5]  James D. McKeen,et al.  Developments in Practice VIII: Enterprise Content Management , 2003, Commun. Assoc. Inf. Syst..

[6]  Andrew S. Tanenbaum,et al.  Distributed systems: Principles and Paradigms , 2001 .

[7]  Gary McGraw,et al.  Exploiting Software: How to Break Code , 2004 .

[8]  Hannu Kivijärvi,et al.  Evaluating strategic IT investments: an assessment of investment alternatives for a web content management system , 2002, Proceedings of the 35th Annual Hawaii International Conference on System Sciences.

[9]  G. Lawton Open Source Security: Opportunity or Oxymoron? , 2002, Computer.

[10]  Tero Päivärinta,et al.  Enterprise Content Management: An Integrated Perspective on Information Management , 2005, Proceedings of the 38th Annual Hawaii International Conference on System Sciences.