Secure Web Application Development Prototype Using Enterprise Security Application Programming Interface (ESAPI)

Abdul Barakath Mohamed Rasheed, Bharanidharan Shanmugam, Ganthan Narayana Samy, Nurazean Maarop, Pritheega Magalingam, Kheng Yeo, Sami Azam

    Research output: Contribution to journalArticlepeer-review

    Abstract

    The web application has been playing a key role in the development of modern society. Unlike traditional applications, modern web applications are generally more exposed to untrusted users, data and transmission medium. According to a cenzic 2014 report 96% of all applications tested in 2013 have one or more serious security vulnerability. The root causes behind these vulnerabilities are lack of application security awareness, design flaws and secure coding. Furthermore, developers frequently see functionality as more important than security. Therefore, this study proposed a simple implementation of the single security Application Programming Interface (API) that could minimize web application security flaws and prevent from critical malicious attacks. A prototype application is developed with open web Application Security Project (OWASP) enterprise security application API based on Rapid Application Development (RAD) methodology. Thus, this study been carried out with an aim to fill the gap between web application development and application security domain.
    Original languageEnglish
    Pages (from-to)7-13
    Number of pages7
    JournalAsian Journal of Information Technology
    Volume16
    Issue number1
    DOIs
    Publication statusPublished - 2017

    Fingerprint

    Dive into the research topics of 'Secure Web Application Development Prototype Using Enterprise Security Application Programming Interface (ESAPI)'. Together they form a unique fingerprint.

    Cite this