基于AOP的Web系统注入式攻击应对方案
首发时间:2007-11-22
摘要:本文分析了Web系统所面临的安全问题,并对这些安全问题进行了抽象和概括,总结出了若干类Web安全问题的共性——注入式攻击,其包括:SQL注入、命令行注入、XML注入、XPath注入、JavaScript注入(跨站脚本)等。在此基础上,本文从实验的角度介绍了如何利用AOP技术实现Web系统的安全增强,以应对Web系统所遭遇的注入式攻击。
关键词: AOP 面向方面编程 Web安全 注入攻击 跨站脚本
For information in English, please click here
AOP Based Solution of Web Injection Attack
Abstract:After summarizing some vulnerabilities most web applications encounter, this page distills some common characteristics of these vulnerabilities. Attacks with these characteristics are called injection attacks, including: SQL injection, command injection, XML injection, XPath injection, JavaScript injection (Cross-site Scripting). Then this page demonstrates an AOP based solution to enhance web applications, making them free of injection attacks.
Keywords: AOP Web Security Injection Attack Cross-site Scripting
论文图表:
引用
No.1651916830611957****
同行评议
共计0人参与
勘误表
基于AOP的Web系统注入式攻击应对方案
评论
全部评论0/1000