Documente Academic
Documente Profesional
Documente Cultură
Securitate Web
Tipuri de amenintari pe Web
PCW - C13.WebSecurity
Vandalism (defacement)
Infiltrare
Phishing
Pharming
Denial of Service
Atacuri din interior
Click Fraud
PCW - C13.WebSecurity
Infiltrare
system take-over
obtinerea accesului deplin la resursele
unui sistem de calcul
PCW - C13.WebSecurity
Phishing
Tehnici de realizare
Scop:
/docs/DoS.pdf
PCW - C13.WebSecurity
Securitate cross-domain
Interactiunile dintre siturile/aplicatiile web vizitate
folosind acelasi browser
Same origin policy doar scripturile ce ruleaza in
paginile aceluiasi domeniu isi pot accesa reciproc
metodele si proprietatile fara nicio restrictie
Tipare de atac
Cross-site request forgery (XSRF)
Cross-Site Script Inclusion (XSSI)
Cross-Site Scripting (XSS)
/docs/CrossDomainSec.pdf
http://en.wikipedia.org/wiki/Same_origin_policy
PCW - C13.WebSecurity
Bibliografie
http://www.kjhole.com/WebSec/Downloads.html (/docs/Pharming.pdf,
/docs/DoS.pdf, /docs/csrf.pdf)
http://www.w3.org/TR/wsc-threats/ (/docs/Threats.pdf)
http://code.google.com/edu/security/index.html#content
http://en.wikipedia.org/wiki/Cross_site_scripting
http://en.wikipedia.org/wiki/Cross-site_request_forgery
PCW - C13.WebSecurity