Using Security Patterns in Web-Application

Master's Thesis from the year 2011 in the subject Computer Science - IT-Security, grade: '-', Royal Holloway, University of London, course: Information Security, language: English, abstract: Web-Application have been widely accepted by the organization be it in private, public or government sector and form the main part of any e-commerce business on the internet. However with the widespread of web-application, the threats related to the web-application have also emerged. Web-application transmit substantial amount of critical data such as password or credit card information etc and this data should be protected from an attacker. There has been huge number of attacks on the web-application such as 'SQL Injection', 'Cross-Site Scripting', 'Http Response Splitting' in recent years and it is one of the main concerns in both the software developer and security professional community. This projects aims to explore how security can be incorporated by using security pattern in web-application and how effective it is in addressing the security problems of web-application.