Web 2.0 Security and Software Development

Verified

Added on 2020/03/16

AI Summary

This assignment explores the impact of Web 2.0 technologies on cybersecurity. It examines security challenges like authentication failures, cross-site scripting, and injection attacks. The assignment also delves into software development life cycles, outlining key phases and their relationships. Furthermore, it discusses secure coding practices, including design considerations, complexity management, defense layers, privilege control, and testing mechanisms. Finally, the assignment provides a code walkthrough framework to ensure secure code development.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: SECURITY AND NETWORK
Security and network
Name of the student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1SECURITY AND NETWORK
Answer to question 1:
The technological advances made by the adoption of Web 2.0 techniques have made
great innovations among the general population. However, this is also the reason for the
concerned population to become vulnerable to cyber attacks. There are various ways where the
Web 2.0 is changing the security related mechanisms in the internet.
The first security challenge is the lack of appropriate authentication methods. This
implies that the contents in Web 2.0 applications are not authenticated well enough (Fuchs et al.,
2013). This can lead to the hackers getting access to them by spending minimum resources to
achieve that.
Another security challenge is the vulnerability in cross site scripting. This enables the
malicious inputs sent by the attackers to be stored in the system and displayed to the common
users. This is another problem which is the main cause for security challenges.
In addition, the injection attacks are also another security challenges. The XML injection
or the XPath injections are the most common methods which are used to pose injection threats to
the system.
Answer to question 2:
The software model is used for the development approaches to be taken for the
development of software development processes. The main involvement of this method includes
the step by step method to be followed for the development of software. The requirements are
made as designs which are then translated into codes.
The requirement phase includes the analysis of the consideration to be taken before the
development of the project (Mishra & Dubey, 2013). The design phase of the process involves

2SECURITY AND NETWORK
the planning of the system. This involves the generation of the design parameters to be integrated
into the software. The coding phase analyses the designs and translates it into the codes. The
testing phase generates the testing of the software. It is done by beta testing or use case diagrams.
The last phase is the deployment phase where the software is deployed to various users. The
major relationship among the various phases is listed below:
Fig 1: Software development process
(Source: Created by the author)
Answer to question 3:
Due to the advancement of technologies, the need for a secure coding is essential to keep
up with the increasing trends in cyber attacks. Thus, it is needed to consider the security checks
during coding (Fuggetta & Di Nitto, 2014). The five security issues included are:

3SECURITY AND NETWORK
1. Securing designs: This is to be done to secure the coding schemes to protect against
injection attacks or other vulnerabilities.
2. Complexity: The complexity of the code is to be removed which allows the developer to
address the codes whenever required.
3. Defense layers: This is also to be referenced as the software codes need to have a defense
mechanism to keep mal-practices at a check.
4. Privileges: The access to the system is also to be addressed as the minimum access must
be given to end users so that the security is not hampered.
5. Testing mechanisms: The software is to be checked and tested to allow smooth
operations without failures.
Answer to question 4:
Fig 2: Use case for access privilege
(Source: Created by the author)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4SECURITY AND NETWORK
Fig 3: Use case for testing mechanisms
(Source: Created by the author)
Answer to question 5:
This section is used to develop a code walkthrough (Wang et al., 2012). The worksheet
for such methods includes various questions to be followed. These are:
1. Display the code out from the control. If it is running, then continue, else the review has
to be stopped.
2. Execute the unit. If the program runs, continue, else the review has to be stopped.
3. Check the coverage. If average is greater than 60%, continue, else the review has to be
stopped.
4. Check the metrics of the code. If it complies with the standards, continue, else the review
has to be stopped.
5. Run the static code. If no error or warnings is showed, continue, else the review has to be
stopped.

5SECURITY AND NETWORK
References:
Fuchs, C., Boersma, K., Albrechtslund, A., & Sandoval, M. (Eds.). (2013). Internet and
surveillance: The challenges of Web 2.0 and social media (Vol. 16). Routledge.
Fuggetta, A., & Di Nitto, E. (2014, May). Software process. In Proceedings of the on Future of
Software Engineering (pp. 1-12). ACM.
Mishra, A., & Dubey, D. (2013). A comparative study of different software development life
cycle models in different scenarios. International Journal of Advance research in
computer science and management studies.
Wang, Y., Li, H., Feng, Y., Jiang, Y., & Liu, Y. (2012). Assessment of programming language
learning based on peer code review model: Implementation and experience
report. Computers & Education, 59(2), 412-422.

1 out of 6

+13062052269

info@desklib.com

Web 2.0 Security and Software Development

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Cyber Security: Vulnerabilities, Exploitation, and Security Controls

Cyber-Security Tools in Using Automating Defense of Networks

190 - web developmet

Network Security Management

Network Vulnerability And Penetration Testing Assignment

Penetration Testing Penetration Testing