期刊文献+
共找到1篇文章
< 1 >
每页显示 20 50 100
Secure Web Application Technologies Implementation through Hardening Security Headers Using Automated Threat Modelling Techniques
1
作者 Maduhu Mshangi Mlyatu Camilius Sanga 《Journal of Information Security》 2023年第1期1-15,共15页
This paper investigates whether security headers are enforced to mitigate cyber-attacks in web-based systems in cyberspace. The security headers examined include X-Content-Type-Options, X-Frame-Options, Strict-Transpo... This paper investigates whether security headers are enforced to mitigate cyber-attacks in web-based systems in cyberspace. The security headers examined include X-Content-Type-Options, X-Frame-Options, Strict-Transport-Security, Referrer-Policy, Content-Security-Policy, and Permissions-Policy. The study employed a controlled experiment using a security header analysis tool. The web-based applications (websites) were analyzed to determine whether security headers have been correctly implemented. The experiment was iterated for 100 universities in Africa which are ranked high. The purposive sampling technique was employed to understand the status quo of the security headers implementations. The results revealed that 70% of the web-based applications in Africa have not enforced security headers in web-based applications. The study proposes a secure system architecture design for addressing web-based applications’ misconfiguration and insecure design. It presents security techniques for securing web-based applications through hardening security headers using automated threat modelling techniques. Furthermore, it recommends adopting the security headers in web-based applications using the proposed secure system architecture design. 展开更多
关键词 Secure web Applications security Headers Systems security Secure web Architecture design
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部