Web security :

Wu, Hanqing,

Web security : a WhiteHat perspective / Hanqing Wu and Liz Zhao. - xxiii, 508 pages : illustrations ; 26 cm.

"First issued in hardback 2017"--title page verso.

Includes bibliographical references and index.

Section 1. Our view of the security world -- View of the IT security world -- Section 2. Safetyon the client script -- Security of browser -- Cross-site scripting attack -- Cross-site request forgery -- Clickjacking -- Section 3. Application on the server side -- HTML5 securities -- Injection attacks -- File upload vulnerability -- Authentication and session management -- Access control -- Encryption algorithm and random numbers -- Web framework security -- Application-layer denial-of-service attacks -- PHP security -- Web server configuration security -- Section 4. Safety operations of internet companies. -- Security of Internet business -- Security development lifecycle -- Security operations

"This book introduces nearly all aspects of web security. It reveals how hackers work and explains why companies of different scale should choose their own methodology of security. With in depth analysis of the reasons behind the choices, the book covers client script security, server applications security, and Internet company security operations. It also includes coverage of browser security, cross sites script attacks, click jacking, HTML5/PHP security, injection attacks, authentication, session management, access control, web frame security, DDOS, leaks, Internet transactions security, security development lifecycle, and security operations. "-- "Preface In mid-2010, Zhang Chunyu asked me if I could write a book on cloud computing. While the concept of cloud computing is very popular, there is not enough written material on how to handle this. Though I have kept myself up to date with this technology, I declined Zhang's request as the prospects in the field were not clear and instead wrote this book on web security. My Road of Security My interest in security developed when I was a student, after I got a book on hacking with no ISBN from the black market. The book had a teaching course on coolfire, which intrigued me. Ever since, I have been hooked to hacking and have taken much interest in practicing the techniques covered in these types of books. In 2000, I joined Xi'an Jiaotong University. Fortunately for me, the computer room at the university was open even after school hours. Though the price of online browsing was high, I invested most of my living expenses in the computer room. In return, I was gaining more knowledge in this field. With the momentum gained at university, I soon got my first computer with the help of my parents. This only helped to increase my interest in the field. In a short while, I collaborated with my friends to set up a technical organization called ph4nt0m.org, named after my favorite comic character. Though the organization did not last long, it helped groom top talents through communication forums that it initiated. This was the proudest achievement in the 20 years of my life. Due to the openness of the Internet and the advances in technology, I have witnessed nearly all the developments in Internet security in the last decade. During the first five years, I witnessed the technology in penetrating tests, cache overflow, and web hacking; for the next five years"--

9781466592612 9781138436848


Computer networks--Security measures--Popular works.
Computer security.
Internet--Security measures.
World Wide Web--Security measures.

TK5105.59 / .W822 2015

005.8 WU.W 2015