摘要
SQL注入、跨站点脚本、跨站点追踪、会话叠置是存在于网络应用层的几个安全问题,它们的共同特点是“遵守”网络标准协议,攻击者通过制造的特定情况来实现攻击.为了避免这种攻击的发生,就必须在开发网络应用程序时,对协议在复杂情况下交互作用进行深入的分析.
The security issues about web application software are arising because of the complexity of intemet environment. SQL injection, XSS, XST, Session Riding are the appearing security issues that exist on the application layer of Interact environment, they all “abide by” the standard protocol. The attacker can attack a web site through some particular carefully designed scene. To avoid this attack, deepgoing analysis must be given to the co-operation of protocols when developing web application software.
出处
《沈阳师范大学学报(自然科学版)》
CAS
2006年第1期62-65,共4页
Journal of Shenyang Normal University:Natural Science Edition