Enforcing Secure Data Sharing in Web Application Development Frameworks Like Django Through Information Flow Control
2015; Springer Science+Business Media; Language: English
10.1007/978-3-319-26961-0_34
ISSN: 1611-3349
Authors: S. Susheel, N. V. Narendra Kumar, R. K. Shyamasundar
Topic(s): Web Application Security Vulnerabilities
Abstract: The primary aim of web application development frameworks like Django is to provide a platform for developers to realize applications from concepts to launch as quickly as possible. While the Django framework provides hooks that enable the developer to avoid the common security mistakes, there is no systematic way to assure compliance with a security policy while developing an application from various components. In this paper, we show the security flaws that arise by considering different versions of an application package and then show how these mistakes, which arise due to incorrect flow of information, can be overcome using the Readers-Writers Flow Model, which has the ability to manage the release and subsequent propagation of information.