Cart (Loading....) | Create Account
Close category search window
 

AJAX based attacks: Exploiting Web 2.0

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Qurashi, U.S. ; Sch. of Electr. Eng. & Comput. Sci., Nat. Univ. of Sci. & Technol., Islamabad, Pakistan ; Anwar, Z.

AJAX (asynchronous JavaScript and XML) has enabled modern web applications to provide rich functionality to Internet users. AJAX based web applications avoids full page reloads and updates relevant portion of a page. An AJAX enabled web application is composed of multiple interconnected components for handling HTTP requests, HTML code, server side script and clients side script. These components work on different layers. Each component adds new vulnerabilities in the web application. The prolifiration AJAX based web applications increases the number of attacks on the Internet. These attacks include but not limited to CSR forgery attacks, Content-sniffing attacks, XSS attacks, Click jacking attacks, Mal-advertising attacks and Man-in-the-middle attacks against SSL etc. Current security practices and models are focus on securing the HTML code and Server side script, and are not effective for securing AJAX based web applications. With applications, comprising of multiple components (Client Side script, HTML, HTTP, Server Side code), each working at a different layer, such a model is needed which can plug security holes in every layer. This research focus on addressing security issues observed in AJAX and Rich Internet Applications (RIA) and compiling best practices and methods to improve the security of AJAX based web applications.

Published in:

Emerging Technologies (ICET), 2012 International Conference on

Date of Conference:

8-9 Oct. 2012

Need Help?


IEEE Advancing Technology for Humanity About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2014 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.