Definition of Application Security
What is Application Security?
Application security is the act of securing a computer application or program.
Application Security
Instant Message Security - Analysis Of Cerulean Studios Trillian Application
This paper outlines the underlying security risks of Instant Messaging (IM) focusing on an analysis of Cerulean Studios' Trillian application. This paper will examine the Trillian application in detail, analyze the methods of encryption designed into the application, provide a comparison of the underlying packets transmitted, and provide findings based on the overall research and analysis. Trillian has been widely accepted as a secure tool. This paper supports Cerulean Studios' claim that Trillian provides a secure option for both personal and corporate IM usage. The author of this paper is in no way affiliated with or compensated by Cerulean Studios.
PERL as a useful, flexible and extensible tool
This paper introduces PERL as a useful, flexible, and extensible tool for the security practitioner. References to resources are provided so that the reader may expand their knowledge beyond the concepts presented here. In this paper, examples of PERL's ability to process log files, grab banners of network services, craft packets, and to exploit code that writes to unchecked buffers (typically called buffer overflows) are explored.
Search Engines Used to Attack Databases
More recently, hackers have started to use search engines to find web facing database interfaces that can be used to mount attacks on databases placed behind a firewall. This is a significant new development, completely exposing previously "protected" databases to outside attack. As we will demonstrate in this white paper, an attacker can data mine any of the commonly used search engines to find target databases to attack.
Secure programmer: Countering buffer overflows
This article discusses the top vulnerability in Linux/UNIX systems: buffer overflows. This article first explains what buffer overflows are and why they're both so common and so dangerous. It then discusses the new Linux and UNIX methods for broadly countering them -- and why these methods are not enough. It then shows various ways to counter buffer overflows in C/C++ programs, both statically-sized approaches (such as the standard C library and OpenBSD/strlcpy solution) and dynamically-sized solutions, as well as some tools to help you. Finally, the article closes with some predictions on the future of buffer overflow vulnerabilities.
Secure Programming with .NET
At the core of Microsoft's .NET initiative is the goal of interconnecting businesses, users, applications, and data. However, with all the concerns regarding security and privacy of data, many individuals and companies are reluctant to connect their business systems and place their data in reach of hackers thousands of miles away. Microsoft understands the challenges and concerns facing early adopters of their technology, and has made security one of their top priorities. The fundamental pillar for building applications is the security surrounding the .NET framework and the security services it provides. In this article, we will provide an overview of .NET framework security features and provide practical tips on how to write secure code in the .NET framework. More importantly, we will discuss which pitfalls to avoid.
Security in Software Applications
The author gives us an overview of how to integrate security features as part of the software application development model. This paper also covers some important points dealing with explicit versus implicit security measures from a customer's perspective.
Security Scenarios in Analysis and Design
This article addresses the issue of designing security into systems rather than trying to add it to systems after development. It is found by surveying teaching materials that security is only given brief acknowledgement as a concern in software development and that security is not well integrated into development life cycles used in schools.
Thick Client Application Security
This paper discusses the critical vulnerabilities and corresponding risks in a two-tier thick client application along with the measures to mitigate risks. A thick client is defined as an application client that processes data in addition to rendering. An example of a thick client application can be a Visual Basic, JAVA or VB.NET application that communicates with a database.
Web Browser Insecurity
There has been much debate lately between two different browsers, namely Microsoft's Internet Explorer and the Mozilla Project's Firefox web browser. Security is at the center of this debate, accompanied by features and usability. This article will focus on the security aspects, particularly the risks involved with running any web browser and how to overcome some of these security shortcomings.
eVoting - A Perspective on Security
Much has been written about how technology can be used to improve the voting process in the United States, especially since the Presidential Election of 2000. There are some fairly obvious security issues that must be addressed, and some that are not so obvious. While a fairly innocuous process on the surface, these events, when taken together, form a very complex situation from an IT and security perspective. This paper will discuss how these objectives can be met with technology, and in contrast to some of the other literature that is out there, it will go beyond the theoretical and discuss in pragmatic terms what should be done to get from current state to "eVoting." Keep in mind that, given this practical approach to implementing electronic voting, we are differentiating eVoting from voting via the Internet. Included are the important first steps that must be taken in order to gain technical experience and public trust in these new systems.