izpis_h1_title_alt

Analiza ranljivosti spletnih aplikacij
ID DEBELAK, ALJAŽ (Author), ID Trebar, Mira (Mentor) More about this mentor... This link opens in a new window

.pdfPDF - Presentation file, Download (545,83 KB)
MD5: 4052FA94D820B35F584D7CE134F55E40

Abstract
Uporaba interneta je vse bolj razširjena na različnih področjih in za različne namene. Spletne aplikacije so vse bolj napredne in ponujajo različne uporabniške izkušnje. V ta namen se o uporabniku shranjujejo podatki, ki so lahko samo neškodljivi piškotki, lahko pa so tudi osebni podatki. Na številnih spletnih mestih zahtevajo prijavo z uporabniškim imenom in geslom, do katerih bi lahko dobili dostop zlonamerni ljudje in z njimi škodovali spletnim uporabnikom za svoj dobiček. V diplomskem delu je predstavljena spletna varnost, oziroma njene pomanjkljivosti. Predstavili smo petnajst različnih zlonamernih ranljivosti po priporočilih OWASP, nato pa smo jih analizirali na spletni aplikaciji NOVA Portal. Ta je namenjena pregledu in kreiranju ponudb ter pogodb za predstavnike in stranke lizing financiranja. Za vsak napad je opisano delovanje in njegov vpliv na spletni aplikaciji NOVA Portal. V primeru odkritih varnostnih tveganj je zapisana tudi ustrezna rešitev za odpravo teh. Ob ustreznem upoštevanju rešitev je mogoče izboljšati spletno varnost.

Language:Slovenian
Keywords:spletna aplikacija, OWASP, ranljivost, napad
Work type:Bachelor thesis/paper
Typology:2.11 - Undergraduate Thesis
Organization:FRI - Faculty of Computer and Information Science
Year:2022
PID:20.500.12556/RUL-142433 This link opens in a new window
COBISS.SI-ID:129764867 This link opens in a new window
Publication date in RUL:08.11.2022
Views:825
Downloads:79
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:Vulnerability analysis of web applications
Abstract:
The use of the internet is widespread in various fields and for various purposes. Web applications are increasingly advanced and offer many better user experiences. For this purpose the user data is stored in various forms. There are implemented only harmless cookies or the personal data is stored. Many websites require login with a username and password, which malicious people could gain access to and use to harm online users for their own profit. The thesis presents the web application security and fifteen critical vulnerabilities from OWASP recomendations. Afterwards, they are applied on the NOVA Portal application, which is intended for review and creation of offers and contracts for representatives and customers of leasing financing. For each attack, the operation and its impact are described on the NOVA Portal web application. In case of discovered security risks, it was also written down the appropriate solution for its elimination. With proper consideration of solutions, online security can be improved.

Keywords:web application, OWASP, vulnerability, attack

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back