基于ISAPI的Web安全防护设计与应用 |
| |
引用本文: | 张鑫,;张婷,;段新东,;林玉香.基于ISAPI的Web安全防护设计与应用[J].人天科学研究,2014(8):134-136. |
| |
作者姓名: | 张鑫 ;张婷 ;段新东 ;林玉香 |
| |
作者单位: | [1]南阳理工学院软件学院; [2]南阳师范学院计算机与信息技术学院,河南南阳473000 |
| |
基金项目: | 河南省科技计划项目(142300410108);河南省教育厅科学技术研究重点项目(14A520056);南阳师范学院校级项目(QN2013047) |
| |
摘 要: | 随着Web应用的普及,其安全面临着前所未有的挑战。针对Windows平台中广泛使用的IIS服务器,利用ISAPI在Web应用层设计并实现安全防护系统,可对常见的Web攻击,如SQL注入、XSS攻击、Cookies攻击进行防御。实验表明,该安全防护系统可以在一定程度上保护网站的应用层安全,有效提高网站安全性。
|
关 键 词: | SQL注入 XSS跨站攻击 Cookies攻击 Web安全 |
Design and Application of Web Security Based on ISAPI |
| |
Abstract: | With the development of Internet, Web technology is widely deployed in nowadays information systems, the application and popularization of Web make Web security is confronted with hitherto unknown challenge. Web security protection system for the IIS server widely used in Windows platform, employs ISAPI in the application layer to design and implement. It can defense common web attacks, such as SQL injection, XSS attack, and Cookies attack. The results indicated that it can protect the web application layer security, and improve site security as well. |
| |
Keywords: | SQL Injection XSS Attack Cookies Attack Web Security |
本文献已被 维普 等数据库收录! |
|