The Reality of Applying Security in Web Applications in Academia

Web applications are used in academic institutions, such as universities, for a variety of purposes. Since these web pages contain critical information, securing educational systems is as important as securing any banking system. It has been found that many academic institutions have not fully secured their web pages against some classes of vulnerabilities. This empirical study focuses on these vulnerabilities and shows their existence in the websites of academic institutions. The degree to which web pages in education systems are secured is measured. The differences among academic institutions in protecting their web applications are discussed. Recommendations on ways of protecting websites are given.
