摘要
Web安全发展至今,人们对此已不陌生。在大数据时代背景下,客户对Web安全越来越重视。但是,Web安全事件日益增加,发生客户信息泄露的安全事件让客户利益和运营商的形象受损,也让双方蒙受了重大的经济损失。因此,结合日常安全检查和整改工作,从常见的Web安全漏洞及Web攻击方式入手,分析其原理和危害程度,提出针对性的漏洞挖掘思路,并总结相关经验,给出正确有效的防范措施建议,希望对开发人员、安全人员及企业管理者有所帮助。
It is not strange for the so-far development of web security, and in the costomer gives the big data era, more and more attention to the safety of customer Web security.However Web security incidents grow daily, 'the disclosure of customer information directly damages the customer's interests and operator's image, or even leads heavy economic losses of both sides. According to the daily safety inspection and rectification work, starting from the Web security vulnerabilities and Web common attacks, analysis on its principle and the degree of harm is done, the vulnerability mining idea proposed, the related experience summarized, and the effective prevention measure suggested, hoping all these would be helpful for the developers, security personnel and business managers.
作者
谭彬
杨明
梁业裕
宁建创
TAN Bin YANG Ming LIANG Ye-yu NING Jian-chuang(Guangxi Co., Ltd.,China Mobile Group, Nanning Guangxi 530028, Chin)
出处
《通信技术》
2017年第4期795-802,共8页
Communications Technology
关键词
WEB安全
安全漏洞
漏洞挖掘
防范措施
Web security
security vulnerability
vulnerability mining
preventive measures
