Asee peer logo

A Complete Strategy For Web Application Security

Download Paper |

Conference

2005 Annual Conference

Location

Portland, Oregon

Publication Date

June 12, 2005

Start Date

June 12, 2005

End Date

June 15, 2005

ISSN

2153-5965

Conference Session

Security

Page Count

17

Page Numbers

10.23.1 - 10.23.17

DOI

10.18260/1-2--15410

Permanent URL

https://peer.asee.org/15410

Download Count

4333

Paper Authors

author page

Hua Xu

author page

Ronald Glotzbach

author page

Nathan Hartman

Download Paper |

Abstract
NOTE: The first page of text has been automatically extracted and included below in lieu of an abstract

A Complete Strategy for Web Application Security

Hua Xu, Ronald J. Glotzbach, Nathan W. Hartman

Purdue University

Abstract

This paper is intent to develop a complete strategy to secure Web applications. The strategy is

intended to improve the practices of the professionals associated with the development and

operations of Web applications. Web application security is about protecting confidentiality,

integrity, and availability of an organization’s Web assets as well as the organization’s

reputation. The solution to Web application security is more than technology. It also involves

policies, procedures, laws, people, and practices. Also, security is not a one-time effort. It should

be an ongoing process integrated into the application development lifecycle. Security, like other

Web application components, is best managed if planned at the initial phase of the application

lifecycle. This strategy will help project managers and security professionals establish security

policies, conduct risk assessment, and address potential risks in a cost-effective manner. It

ensures system architects design secure application infrastructure. It makes sure application

Proceedings of the 2005 American Society for Engineering Education Annual Conference & Exposition Copyright © 2005, American Society for Engineering Education

Xu, H., & Glotzbach, R., & Hartman, N. (2005, June), A Complete Strategy For Web Application Security Paper presented at 2005 Annual Conference, Portland, Oregon. 10.18260/1-2--15410

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2005 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015