izpis_h1_title_alt

Razvoj s certifikati varovane spletne trgovine : diplomsko delo
ID Rot, Peter (Author), ID Smrdel, Aleš (Mentor) More about this mentor... This link opens in a new window

.pdfPDF - Presentation file, Download (1,29 MB)
MD5: 865C586EA3F7EDFD89A058845C149762
PID: 20.500.12556/rul/6d523d26-5ea1-46c3-b395-609aec7731f6

Abstract
Spletne trgovine vsako leto privabijo več kupcev. Pri programiranju tovrstnih aplikacij moramo biti pozorni na dve stvari: na realizacijo funkcionalnosti ter zagotavljanje varnosti. V tej diplomski nalogi je razvita spletna trgovina s tremi moduli (modul za kupce, prodajalce ter za naročanje pri dobaviteljih). Pri razvoju je poseben poudarek namenjen zagotavljanju varnosti. Pri tem smo upoštevali priporočila organizacije OWASP. Implementirana je obramba proti injekcijam, XSS, CSRF ter proti napadom, ki izkoriščajo napačno upravljanje z avtentikacijo in sejami. Poleg tega so izdelani samopodpisani certifikati X.509, ki so potrebni za prijavo v zaledni sistem.

Language:Slovenian
Keywords:spletna trgovina, varnost, OWASP, Apachi, X.509
Work type:Bachelor thesis/paper
Typology:2.11 - Undergraduate Thesis
Organization:FRI - Faculty of Computer and Information Science
Publisher:[P. Rot]
Year:2015
Number of pages:53 str.
PID:20.500.12556/RUL-72193 This link opens in a new window
COBISS.SI-ID:1536485315 This link opens in a new window
Publication date in RUL:08.09.2015
Views:1764
Downloads:320
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:Development of a web store protected with certificates
Abstract:
Each year web stores attract more customers. When programming these types of applications we have to consider two things: implementation of functionality and ensuring web security. A web store with three modules has been developed in the following thesis (a module for buyers, sellers and also for managing supplies). Special emphasis during development is placed on security. We also considered the guidelines from the OWASP organization. A defense against injection, XSS and CSRF has been implemented, as well as against attacks that exploit the broken authentication and session management. In addition, self-signed certificates X.509 were created which are necessary for signing in back-end system.

Keywords:web store, security, OWASP, Apachi, X.509

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back