Online Book store Course Name: Web Security Project 1 Presented by Amruta Raichurkar Videhi Patel.


Overview
- Design
- Workflow
- Potential vulnerabilities

Design
- 3 tier structure
- UML sequence diagram

Workflow
- As user
- As administrator

Login

Registration

Home

Book Description

Cart

Edit Book Information

Database Tables
- Members
- Categories
- Items
- Orders
- Card Types

Potential Vulnerabilities
Cross-site scripting (XSS): the act of writing malicious scripting code and tricking another user's web browser into running it by way of a third party's web server. It attempts to steal the cookie value of a user's session and use it to log into the website.
foo alert(document.cookie)

Potential Vulnerabilities
Impersonating a user or system: a malicious user acts as the legitimate receiver of a packet and steals it. The intended receiver does not get a copy of the packet.

Tools
- J2SE
- Tomcat 4.1
- MySQL 4.1

References
- Java – How to Program - Deitel & Deitel
- Web Development with Java Server Pages - Duane K. Fields, Mark A. Kolb

Thank You