Presentation is loading. Please wait.

Presentation is loading. Please wait.

Online Book store Course Name: Web Security Project 1 Presented by Amruta Raichurkar Videhi Patel.

Published byMoris Kennedy Modified over 9 years ago

Similar presentations

Presentation on theme: "Online Book store Course Name: Web Security Project 1 Presented by Amruta Raichurkar Videhi Patel."— Presentation transcript:

1 Online Book store Course Name: Web Security Project 1 Presented by Amruta Raichurkar Videhi Patel

2 Overview Design Workflow Potential vulnerabilities

3 Design 3 tier structure UML sequence diagram

4 Workflow As user As administrator

5 Login

6 Registration

7 Home

8 Book Description

9 Cart

10 Edit Book Information

11 Database Tables - Members - Categories - Items - Orders - Card Types

12 Potential Vulnerabilities Cross Site scripting(XSS) Act of writing malicious scripting code and tricking another users web Browser into running it using third party’s web server. It attempts to steal a cookie value of user’session and use it to log into the website. foo alert(document.cookie)

13 Potential Vulnerabilities Impersonating user or system Malicious user acts as a legal receiver for the packet and steals it. The destined receiver does not get a copy of this packets.

14 Tools J2SE 1.4.2 Tomcat 4.1 Mysql 4.1

15 References Java – How to Program -Deitel & Deitel Web Development with Java Server Pages -Duane K. Fields, Mark A. Kolb www.java.sun.com

16 Thank You

Download ppt "Online Book store Course Name: Web Security Project 1 Presented by Amruta Raichurkar Videhi Patel."

Similar presentations

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.
Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.

Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.
Vinotemp Online Store Presented by: Ken Hoang. Motivation To help the company selling its products online A part of my works.

Vinotemp Online Store Presented by: Ken Hoang. Motivation To help the company selling its products online A part of my works.
Copyright © 2004 Pearson Education, Inc. Slide 7-1 E-commerce Kenneth C. Laudon Carol Guercio Traver business. technology. society. Second Edition.

Copyright © 2004 Pearson Education, Inc. Slide 7-1 E-commerce Kenneth C. Laudon Carol Guercio Traver business. technology. society. Second Edition.
UML Extensions for Web Design Design activities: –Partitioning of objects into tiers such as client, server, etc. –Separating and defining user interfaces.

UML Extensions for Web Design Design activities: –Partitioning of objects into tiers such as client, server, etc. –Separating and defining user interfaces.
Development of a Web Based B&B Reservation System Elizabeth Gates 22July04.

Development of a Web Based B&B Reservation System Elizabeth Gates 22July04.
Uniqueness of user names is enforced Customer information logged to database Require contact information as well as email address Email address will.

Uniqueness of user names is enforced Customer information logged to database Require contact information as well as address address will.
New Student Orientation Registration System Stephen Nakamura EE496 Preliminary Design Review Fall 2008.

New Student Orientation Registration System Stephen Nakamura EE496 Preliminary Design Review Fall 2008.
Multiple Tiers in Action

Multiple Tiers in Action
Gem Cluster Freelancer Network Sosuke Tokunaga CS491b Fall 2004.

Gem Cluster Freelancer Network Sosuke Tokunaga CS491b Fall 2004.
Administrative  Philosophy  Class survey  Grading  Project  Presentation.

Administrative  Philosophy  Class survey  Grading  Project  Presentation.
Robofest 2001 Online Management System Jim Needham MCS 4833/01 Senior Project Dr. Chan-Jin Chung, Ph.D.

Robofest 2001 Online Management System Jim Needham MCS 4833/01 Senior Project Dr. Chan-Jin Chung, Ph.D.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.

Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.
Presentation By: Brian Mais. What Is It? Content Management Systems(CMS) describes software that manage content, workflow, and collaboration online and.

Presentation By: Brian Mais. What Is It? Content Management Systems(CMS) describes software that manage content, workflow, and collaboration online and.
NMS1.0(c) Copyright 20031 Final Year Project Demonstration Dublin City University 29 th May 2003 Team Members : David ReadeTimothy Kelly 9975562950221221.

NMS1.0(c) Copyright Final Year Project Demonstration Dublin City University 29 th May 2003 Team Members : David ReadeTimothy Kelly
WEB SECURITY WEEK 3 Computer Security Group University of Texas at Dallas.

WEB SECURITY WEEK 3 Computer Security Group University of Texas at Dallas.
Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.

Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.
About Dynamic Sites (Front End / Back End Implementations) by Janssen & Associates Affordable Website Solutions for Individuals and Small Businesses.

About Dynamic Sites (Front End / Back End Implementations) by Janssen & Associates Affordable Website Solutions for Individuals and Small Businesses.
Securing Large Applications CSCI 5931 Web Security Rungang Mo, Yingying Sun.

Securing Large Applications CSCI 5931 Web Security Rungang Mo, Yingying Sun.

Similar presentations

Ads by Google