Web 2.0 desktop and mobile application security design

From the developerWorks archives

Cesar Santiago and Maryann Hondo

Date archived: September 6, 2016 | First published: June 21, 2011

Most attempted attacks are directed to web applications. These attacks focus on the most common vulnerabilities, which include cross-site scripting, SQL injection, parameter tampering, cookie poisoning, and information leakage. Traditional perimeter defenses, such as firewalls and intrusion detection systems, will not prevent this kind of attack, because these exploit program vulnerabilities. This article describes the most common vulnerabilities and possible countermeasures and explains the value of automated security scanning in the development process to produce secure applications.

This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.



static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Rational, Security, Mobile development
ArticleID=680868
ArticleTitle=Web 2.0 desktop and mobile application security design
publish-date=06212011