Asee peer logo

A Complete Strategy For Web Application Security

Download Paper |


2005 Annual Conference


Portland, Oregon

Publication Date

June 12, 2005

Start Date

June 12, 2005

End Date

June 15, 2005



Conference Session


Page Count


Page Numbers

10.23.1 - 10.23.17



Permanent URL

Download Count


Request a correction

Paper Authors

author page

Hua Xu

author page

Ronald Glotzbach

author page

Nathan Hartman

Download Paper |

NOTE: The first page of text has been automatically extracted and included below in lieu of an abstract

A Complete Strategy for Web Application Security

Hua Xu, Ronald J. Glotzbach, Nathan W. Hartman

Purdue University


This paper is intent to develop a complete strategy to secure Web applications. The strategy is

intended to improve the practices of the professionals associated with the development and

operations of Web applications. Web application security is about protecting confidentiality,

integrity, and availability of an organization’s Web assets as well as the organization’s

reputation. The solution to Web application security is more than technology. It also involves

policies, procedures, laws, people, and practices. Also, security is not a one-time effort. It should

be an ongoing process integrated into the application development lifecycle. Security, like other

Web application components, is best managed if planned at the initial phase of the application

lifecycle. This strategy will help project managers and security professionals establish security

policies, conduct risk assessment, and address potential risks in a cost-effective manner. It

ensures system architects design secure application infrastructure. It makes sure application

Proceedings of the 2005 American Society for Engineering Education Annual Conference & Exposition Copyright © 2005, American Society for Engineering Education

Xu, H., & Glotzbach, R., & Hartman, N. (2005, June), A Complete Strategy For Web Application Security Paper presented at 2005 Annual Conference, Portland, Oregon. 10.18260/1-2--15410

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2005 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015