Analysis of vulnerabilities of protocols of authentification of WEB

Authors

  • Михаил Владимирович Коломыцев к.т.н., доцент, НТУУ «КПИ»
  • Светлана Александровна Носок к.т.н., доцент, НТУУ «КПИ»

DOI:

https://doi.org/10.18372/2410-7840.14.3358

Keywords:

WEB-Applications, protocol, resource

Abstract

Nowadays WEB applications tend to be developed in terms of content personalization and controlled access. Due to the aforementioned statement, the requirements to client authentification of WEB sites increase. Existing approaches to building the authentification mechanism are often vulnerable to attacks. Various restrictions and measures to clecrease the risk of security violation will be described in the article.

Author Biographies

Михаил Владимирович Коломыцев, к.т.н., доцент, НТУУ «КПИ»

к.т.н., доцент, НТУУ «КПИ»

Светлана Александровна Носок, к.т.н., доцент, НТУУ «КПИ»

к.т.н., доцент, НТУУ «КПИ»

References

The WASC Threat Classification v2.0. [Электронный ресурс] - Режим доступа.

http://projects.webappsec.org/w/page/13246978/Threat-Classification свободный. — Загл. с экрана.

Authentication and Session Management on the Web [Электронный ресурс] - Режим доступа. http://www.westpoint.ltd.uk/advisories/Paul_Johnston_GSEC.pdf свободный. — Загл. с экрана.

Web Authentication Security [Электронный ресурс] - Режим доступа.

http://www.sans.org/reading_room/whitepapers/webservers/web-authentication-security_1250 свободный. — Загл. с экрана.

A Guide to Web Authentication Alternatives [Электронный ресурс] - Режим доступа: http://unixpapa.com/auth/ свободный. — Загл. с экрана.

Хогланд Г. Взлом программного обеспечения: анализ и использование кода [Текст]/ Хогланд Г., Мак-Гроу Г. // Издательский дом "Вильяме". - М.: -2005, 389 с.: ил. - ISBN 5-8459-0785-3, 0-201-78695-8.

CodeNet - Все для программиста! [Электронный ресурс]: Поиск уязвимостей в программах с помощью анализаторов кода. - Режим доступа: http://www.codenet.ru/progr/other/code-analysers.php свободный. — Загл. с экрана.

Downloads

Published

2012-09-15

How to Cite

Коломыцев, М. В., & Носок, С. А. (2012). Analysis of vulnerabilities of protocols of authentification of WEB. Ukrainian Information Security Research Journal, 14(3 (56), 41–45. https://doi.org/10.18372/2410-7840.14.3358

Issue

Vol. 14 No. 3 (56) (2012)

Section

Articles

License

The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.