Tytuł artykułu
Autorzy
Treść / Zawartość
Pełne teksty:
Identyfikatory
Warianty tytułu
Języki publikacji
Abstrakty
This paper explores the critical domain of safeguarding web-based applications against authentication attacks, recognizing the persistent challenges posed by evolving cyber threats. The project delineates the distinct objectives of such attacks, including data theft, identity theft, and service disruption, underlining their potential far-reaching implications, such as the compromise of sensitive corporate data and the execution of unauthorized administrative operations. It underscores the pivotal role of user awareness and education as the ultimate defense against authentication-related breaches. Robust security measures, encompassing the use of strong, intricate passwords, encrypted network communication, two-factor authentication, and the regulation of failed login attempts, are emphasized as essential safeguards. Additionally, the project underscores the significance of maintaining system components through regular updates and conducting comprehensive security audits. A holistic approach, integrating technical and human factors, underscores user awareness and ongoing training as indispensable elements in the endeavor to enhance security in an increasingly digital landscape. "Protecting Web Applications from Authentication Attacks" aims to equip its readers with a comprehensive understanding of authentication system security and offers practical directives for bolstering defense mechanisms in a professional and formal context.
Wydawca
Czasopismo
Rocznik
Tom
Strony
26--42
Opis fizyczny
Bibliogr. 18 poz., rys.
Twórcy
autor
- University of Information Technology and Management, Poland
autor
- University of Information Technology and Management, Poland
autor
- Rzeszow University of Technology
Bibliografia
- [1] Li, Y., & Liu, Q. (2021). A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments. Energy Reports, 7, 8176–8186. doi: 10.1016/j.egyr.2021.08.126
- [2] Usmonov, M. (2021). Identification and Authentication.
- [3] Khan, H. (2013). Comparative Study of Authentication Techniques.
- [4] Erickson, J. (2010). Hacking: the art of exploitation
- [5] Hadnagy C. & Wilson P. A. (2011). Social engineering : the art of human hacking. Wiley.
- [6] Bezpieczne Dane, bezpiecznedane.gov.pl
- [7] Stallings, W. (2016). Network Security Essentials. Pearson
- [8] https://doi.org/10.6028/NIST.SP.800-63-3
- [9] https://www.security.org/how-secure-is-my-password/
- [10] Anderson, R. J. (2021). Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley John + Sons.
- [11] Stallings, W. (2016). Cryptography and Network Security: Principles and Practice. Pearson.
- [12] Smith, R. E. (2001). Authentication: From Passwords to Public Keys. Addison-Wesley Professional.
- [13] Stutz, D., Pinto, M., & Inni. (2011). The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws. Wiley.
- [14] Cross-Site Request Forgery Prevention Cheat Sheet, OWASP Cheat Sheet Series, https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
- [15] Kim, G., Humble, J., Debois, P., & Willis, J. (2016). The DevOps Handbook: How to Create World-Class Agility, Reliability, & Security in Technology Organizations. IT Revolution Press.
- [16] Compile OpenVAS 7 on CentOS 6, Github, https://elatov.github.io/2014/06/compile-openvas-7-on-centos-6/
- [17] Maher Alsharif, M. A., Shailendra Mishra. (2022). Impact of Human Vulnerabilities on Cybersecurity. Computer Systems Science and Engineering, 40(3), 1153–1166. doi:10.32604/csse.2022.019938
- [18] Bezpieczeństwo API REST –szkolenie, Securitum -bezpieczeństwo systemów IT, https://securitum.pl/szkolenia/bezpieczenstwo-api-rest-szkolenie/
Uwagi
Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-382be78e-deac-4b99-882f-e23eaa100766