Litcius/Paper detail

Descriptive Analysis of Built-in Security Features in Web Development Frameworks

Abdulaziz Aborujilah, Jibril Adamu, Shafiza Mohd Shariff, Zalizah Awang Long

20222022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)10 citationsDOI

Abstract

Many challenges are facing modern web applications, and security is a major concern for web applications developers especially when today's web applications are interactive and support user collaboration. SQL injections, cross-site scripting, cross-site request forgery, and broken authentication are examples of these common security vulnerabilities. Several web development frameworks (e.g., Laravel, Spring Boot, Django, Ruby on Rails, and ASP.NET Core) provide out-of-the-box security features to protect modern web applications against the above-mentioned vulnerabilities. Developers usually use manual protection mechanisms to secure modern web applications. Although, manual protection increases the probability of web application attacks. This study focuses on reviewing and comparing and analyzing the most common vulnerabilities found in modern web applications and the web development frameworks built-in security features. This study aid software developers and organizations in selecting the most effective protection methods which are provided by web application frameworks.

Topics & Concepts

Web application securityCross-site scriptingComputer scienceWeb developmentWorld Wide WebWeb application developmentWeb modelingWeb applicationWeb standardsScripting languageWeb engineeringSecurity bugComputer securityWeb serviceSecurity serviceInformation securitySoftware security assuranceOperating systemWeb Application Security VulnerabilitiesSecurity and Verification in ComputingAdvanced Malware Detection Techniques