Upload
mechelle-george
View
17
Download
2
Embed Size (px)
DESCRIPTION
Online Book store. Course Name: Web Security Project 1 Presented by Amruta Raichurkar Videhi Patel. Overview. Design Workflow Potential vulnerabilities. Design. 3 tier structure UML sequence diagram. Workflow. As user As administrator. Login. Registration. Home. - PowerPoint PPT Presentation
Citation preview
Online Book store
Course Name: Web Security Project 1
Presented by
Amruta RaichurkarVidehi Patel
Overview
Design Workflow Potential vulnerabilities
Design
3 tier structure UML sequence diagram
Workflow
As user As administrator
Login
Registration
Home
Book Description
Cart
Edit Book Information
Database
Tables- Members- Categories- Items- Orders
- Card Types
Potential Vulnerabilities
Cross Site scripting(XSS)Act of writing malicious scripting code and tricking another
users web Browser into running it using third party’s web server. It
attempts to steal a cookie value of user’session and use it to log into the
website.
<b>foo</b><script language =‘javascript’>
alert(document.cookie)</script>
Potential Vulnerabilities Impersonating user or system Malicious user acts as a legal receiver for the packet and
steals it. The destined receiver does not get a copy of this packets.
Sender Receiver
Cracker
Packet #1“abcde”
Tools
J2SE 1.4.2 Tomcat 4.1 Mysql 4.1
References
Java – How to Program-Deitel & Deitel
Web Development with Java Server Pages
-Duane K. Fields, Mark A. Kolb
www.java.sun.com
Thank You