Web Application Development Security Concerns

Verified

Added on 2020/10/22

AI Summary

The assignment examines web security concerns that can impact the performance and development of a web application. These concerns include SQL injection, cross-site scripting, session management, insecure direct object references, and CSRF. Recommendations are provided to improve security, including updating software, forming a strong password policy, and encrypting login pages with SSL.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Web Application
Development

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Table of Contents
INTRODUCTION...........................................................................................................................1
LO 1.................................................................................................................................................1
Evaluate functions and advantages of web applications..............................................................1
Different types of client and server side scripting language........................................................1
1.3 Examine web security concern and make recommendations................................................1
REFERENCES................................................................................................................................2

INTRODUCTION
Technological advancement is allowing companies to transform their business from physical
stores to online. It has provided them vast opportunity to expand their operations in wide area
and also ease overall process (Satapathy, 2016). Web applications are major platform which
allow user and client to interact with one another. There are many languages available as well
through which applications are developed. It depends on requirement that what language is to be
used. This report will describe about advantage of web applications. It will compare client and
server side language and discuss about web security concerns and how to improve it.
LO 1
Evaluate functions and advantages of web applications
A web application is computer program that perform specific functions on web browser. It
is simply a website which is connected with internet. There are various functions of application
that is dependent on its purpose. They are as follows :-
Model – This function manages data of application domain, respond to request for information
and respond to instructions.
View- it displays information in segregated manner.
Controller – In this input is entered from mouse or keyboard to inform model or change its
view.
There are many benefits as well of using web applications. They are described below :-
 Its major advantage is web application can be accessed from anywhere, anytime. It only
require user to connect to internet and download it (Altaleb and Gravell, 2019). Also,
data is available from user logs.
 It does not require any physical software to install, manage and update data. However,
app can be used offline as well which makes it easy for user to operate it. Therefore, it is
easy to install and maintain it.
 Web application uses user tracking program. With this it is easy to identify which in built
programs worked it well and which not. So, developers can make improvements easily by
updating it.
 The applications are easily customisable which means that it is easy to update its
interface which gives appropriate look for user to work with. Moreover, all users have to
1

work on same interface in different situations. Hence, user does not have to work on
different interface.
Different types of client and server side scripting language
A web application is developed by using programming languages. Also, scripts are
programs that are written on both at client and server end (Satapathy and Rath, 2017). Without
scripts website can not be developed. However, main difference between them is sever side
involve server for its processing whereas client side scripting uses browser to run scripts without
using server. In both there are different types of languages used such as HTML, CSS, PHP, java,
etc. the difference between client and server side scripting languages are as below :-
HTML PHP
It is a mark up language used to create web
pages and is used at front end.
It is open source language used to create static
web pages
The language is static in nature and remain
same (HTML vs PHP, 2015).
It is dynamic that means output depends on
browser in which it is opened.
The pages are integrated with front end of
website.
In PHP pages are integrated with different
database such as oracle, MySQL, etc.
It is used to develop front side of webpage. It is used to develop server side as it interacts
with database.
Python JavaScript
It is having mutuable and immutable data types
like set and list
In this there is no such concept.
The sources code is ASCII. Here, source code is UTF 16.
There are different numeric types like int, float,
etc. (Nelson, 2017)
There is only float point numbers (Python vs
JavaScript, 2015).
It is having in built hash tables known as
dictionaries.
There are no in built hash tables.
It used class based inheritance model and code
blocks as indentation.
It uses prototype based model and code blocks
as curly brackets.
2

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Python has two similar data types list and
tuple.
Java script only has in built array type.
1.3 Examine web security concern and make recommendations
In a web application there are many issues that can occur. These issues can highly impact
on performance and development of app. Therefore, it is necessary to identify those issues and
solve it so that application is developed in effective way. There can occur several web security
concerns that are described below :-
SQL injection- In this the attacker may use application code to access database content. This
results in editing, deleting, etc. data in database.
Cross site scripting – It occurs by targeting application user by injecting code. By this attacker
hack browser and user sessions (Patel and Cassou, 2015).
Session management- If user sessions are not protected or authenticated attacker can easily
hijack active sessions and misuse user data.
Insecure direct object- It occurs when any internal implementation object such as database,
key, file records, etc. is exposed. This gives a chance to hacker to access data.
Security misconfiguration- It includes ineffective maintenance and configuration which results
in access to data.
CSRF- In this third party send request to a user in browser to access data. The browser can be
social media, e mails, etc. that is linked to web application.
Recommendations
In order to improve security concerns there are several recommendations that can be
followed. It will ensure that web application is secured.
 The software should be updated and maintained properly. All scripts can be updated by
identifying security concerns.
 The password policy must be formed properly. This will enable in setting strong
password. Also, the policy must be followed effectively.
 Moreover, log in pages must be encrypted using SSL. It will restrict third parties or
hackers to access credentials or log in details.
3

REFERENCES
Books and Journals
Altaleb, A. and Gravell, A., 2019. An empirical investigation of effort estimation in mobile apps
using agile development process. Journal of Software, 14(8), pp.356-369.
Nelson, D.J., 2017. Estimating Effort for Cross-platform Web ApplicationDevelopment.
Patel, P. and Cassou, D., 2015. Enabling high-level application development for the Internet of
Things. Journal of Systems and Software, 103, pp.62-84.
Satapathy, S.M. and Rath, S.K., 2017, February. Empirical assessment of machine learning
models for effort estimation of web-based applications. In Proceedings of the 10th
Innovations in Software Engineering Conference (pp. 74-84). ACM.
Satapathy, S.M., 2016. Effort estimation methods in software development using machine
learning algorithms (Doctoral dissertation).
Online
HTML vs PHP. 2015. [online] Available through : < https://www.educba.com/html-vs-php/>
Python vs JavaScript. 2015. [online] Available through : < https://www.educba.com/python-vs-
javascript/>
4

1 out of 6

+13062052269

info@desklib.com

Web Application Development Security Concerns

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Functions and Advantages of Web Applications

Web Application Development: Concepts, Technologies, and Security

Web Application Development: Concepts, Design, and Security

Web Application Development: Concepts, Technologies, and Security

Web-Based Students’ Attendance Application (WBLAP)

Understanding Web Applications