TITLE

SPIRAL SECURITY MODEL TO COUNTER THE THREATS DUE TO HUMAN FACTORS IN WEB APPLICATIONS

AUTHOR(S)
TRIPATHY, BISWAJIT; MISHRA, JIBITESH
PUB. DATE
November 2013
SOURCE
International Journal of Research in Computer Application & Mana;Nov2013, Vol. 3 Issue 11, p36
SOURCE TYPE
Academic Journal
DOC. TYPE
Article
ABSTRACT
Over the last few years, the security of the web has taken a different turn. More and more attacks are carried out on applications. Also, the severe lack of employee awareness is causing security breaches, particularly due to their weak operational practices. To make the task of the attackers easier, many a time the back-end systems are tied into the front-end ones. Due to the emergence of e-commerce systems, the integration of extranets has made the task of the security managers more complicated. The client side can be classified into external clients and internal employees. The social engineering practices employed by organizations may not be adequate for both categories of clients. We propose a spiral security model that includes the conventional planning phases to monitoring phases and that takes the help of various technical components of web applications to counter the threats due to human factors. Though an application firewall is an easier threat protection measure, we propose a model that takes into account some corrective as well as preventive measures from the human perspective based on some technical components.
ACCESSION #
94484981

 

Related Articles

  • Securing America Against Cyber war. McCune, Jayson; Haworth, Dwight // Proceedings of the International Conference on Information Warfa;2012, p185 

    This paper expands on one aspect of Clarke and Knake's (2010) recommendation for defending the United States' Internet infrastructure from external attack. First it summarizes the threat that has been demonstrated in the recent past. Included are a number of data compromises that have been...

  • Internet, Intranet and Extranet.  // Management Services;Jul97, Vol. 41 Issue 7, p32 

    It was the blurring of the distinction between Internet and Intranet that caused an analyst at Summit Strategies in Boston to coin the term Extranet for web sites that live outside an organization's firewall but cater to specific user communities. An Extranet, then, is an Intranet that links...

  • NCR provides Web services.  // Automatic I.D. News;Aug97, Vol. 13 Issue 9, p60 

    Announces that NCR is offering a variety of corporate intranet and extranet services for Internet-based electronic commerce including Web-enabled data warehouse solutions and NCR WebMining.

  • CHOOSING THE RIGHT WEB APPLICATION FIREWALL. Cobb, Michael // Information Security;Mar2009, Vol. 11 Issue 3, p43 

    The article presents information on how companies can choose the right Web application firewall (WAF) in order to comply with Payment Card Industry Data Security Standard (PCI DSS) requirements. The author offers technical tips in WAF selection such as custom-tailoring security, testing...

  • The Industry Bytes Back. Clint, Robert // Best's Review;Jul2013, Vol. 114 Issue 3, p73 

    The article focuses on how data analytics could provide powerful new ways to prevent insurance fraud. It is noted that fraudsters constantly find new ways around the protections and firewalls insurers build to detect and prevent crimes and are an extremely creative lot. It is stated that one of...

  • What DMZ is and what it means for your business. leClair, Lee // Inside Tucson Business;4/16/2007, Vol. 16 Issue 45, p11 

    The article discusses the importance of a firewall and demilitarized zone (DMZ) on computer networks and to the business. DMZ allows limited access to information through the Internet but, since there is exposure to the Internet there is still a possibility of risk. It is important for IT...

  • Any value in buying best of breed? Gibbs, Mark // Network World;7/17/2006, Vol. 23 Issue 27, p46 

    The author reflects on the opinion of the public concerning the thoughts of the Gibbs Irregulars on the unified threat management (UTM) appliances. The author explained that UTM appliances are devices which provide security solutions including stateful inspection firewall and...

  • XecurePay Brings Back Trust To Online Payments.  // Software World;Mar2006, Vol. 37 Issue 2, p18 

    The article reports on the problems of online payments and banking in England and the solutions done to regain the trust of customers. A research done by Forrester Research in 2005 revealed that 2.5% e-users have quit e-banking and 6 million Internet users stopped because of security fears and...

  • Taking the complexity out of encryption. Mottershead, Mark // Computer Bulletin;May1997, Vol. 39 Issue 3, p12 

    The business benefits of electronic commerce and communications are readily identifiable but there is mounting concern over the issue of software security, particularly in the unregulated domains of the Internet and Intranet. The UK's National Computing Centre has estimated that during...
