Open AccessThe Business Logistics Security Research on Web Application
Author(s) -
Kangyu Tan,
Ying Xie
Publication year - 2019
Publication title -
journal of physics. conference series
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.21
H-Index - 85
eISSN - 1742-6596
pISSN - 1742-6588
DOI - 10.1088/1742-6596/1325/1/012102
Subject(s) - cross site scripting , computer science , web application security , computer security , sql injection , scripting language , security testing , web application , vulnerability (computing) , security through obscurity , world wide web , the internet , web development , security information and event management , cloud computing security , programming language , cloud computing , operating system , query by example , web search query , search engine
The rich functions of web applications have played an important role in the rapid development of the Internet. Different web applications have different functions. Compared with traditional XSS vulnerabilities, SQL injection vulnerabilities, and command execution vulnerabilities, the security issues involved in different server functions of Web applications vary widely, which leads to the absence of general solutions for specific security vulnerabilities in business logic process. After analyzing the security of the business logic process, it can be found that when the various security points of the business logic process are used by the attacker, and the behaviour of the attacker does not have any obvious difference from the normal user, which leads to the inability to achieve effective protection by directly using various types of scripts. Therefore, it is of practical significance to research a penetration detection idea of a logical vulnerability.