2
Assistant Professor/ Department of Computer Science and Engineering/ Agni College of Technology/ Anna University/
Chennai – 603 103/Tamil Nadu/India
sumitha.cse@act.edu.in
3
Head of the Department /Department of Computer Science and Engineering/Agni College of Technology/
Anna University/ Chennai – 603 103/Tamil Nadu/India
csehod@act.edu.in
components or building blocks and provides a plan from
which products can be procured, and systems developed,
that will work together to implement the overall system.
In this project, the representation of the system is a mapping
of functionality between the front end and the back-end
database; it also specifies user interaction in web
applications. Architecture comprises the top-level, strategic
inventions; likewise, the intermediate server here plays a vital
role in preventing vulnerabilities that exploit the
front end as well as the back-end database.
[Figures: Fig 3. Level 0; Fig 4. Level 1. Diagram labels: User, Admin, UserName/Password, Web Container, WebServer1, WebServer2, Main Server, DB, Request for sk Access, Response for sk]
S Key
After the user registers their details, and before any request proceeds, the database stores the details about the user. The main server then generates an authentication key and sends it as an alert message to the PC suite. This key distinguishes the legitimate user from adversaries who have intermixed with the web server. If the user wants to update their information, a one-time password is generated by the server and sent to the user's mobile number to establish whether the request was made by the legitimate user. It also ensures security by informing the user if a hacker is attempting to hack the user's account.
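
The update check described above, as an added example that is not code from the paper: a one-time password gates a profile update, expires, works only once, and every wrong code triggers an alert to the user's mobile number. The names `UpdateOtpGate` and `send_sms`, the 6-digit code, the 300-second lifetime and the three-attempt limit are assumptions.

```python
import hashlib
import hmac
import secrets

OTP_TTL_SECONDS = 300  # assumed validity window; the page does not give one
MAX_ATTEMPTS = 3       # assumed retry limit; the page does not give one


class UpdateOtpGate:
    """Releases a profile update only after a one-time password check."""

    def __init__(self, send_sms, clock):
        self._send_sms = send_sms  # hypothetical callable(mobile, text)
        self._clock = clock        # callable returning the time in seconds
        self._pending = {}         # user -> [digest, expires_at, attempts_left, mobile]

    @staticmethod
    def _digest(otp):
        # Hashing gives compare_digest fixed-length bytes for any input string.
        return hashlib.sha256(otp.encode("utf-8")).digest()

    def request_update(self, user, mobile):
        """Generate a 6-digit OTP from the CSPRNG and send it to the user's phone."""
        otp = f"{secrets.randbelow(10**6):06d}"
        expires_at = self._clock() + OTP_TTL_SECONDS
        self._pending[user] = [self._digest(otp), expires_at, MAX_ATTEMPTS, mobile]
        self._send_sms(mobile, f"Your update code is {otp}")

    def confirm_update(self, user, otp):
        """Return True only for a fresh, unused, matching OTP."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        digest, expires_at, _, mobile = entry
        if self._clock() > expires_at:
            del self._pending[user]  # expired codes are discarded
            return False
        if hmac.compare_digest(digest, self._digest(otp)):
            del self._pending[user]  # single use: a replayed code fails
            return True
        entry[2] -= 1
        # Inform the account owner of the failed attempt, as the page describes.
        self._send_sms(mobile, "Alert: a wrong update code was entered for your account")
        if entry[2] <= 0:
            del self._pending[user]  # lock out after repeated failures
        return False
```
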
4.6 Access to Web Applications
This module specifies access according to the user request and also allows user transactions. Here the double guard mechanism creates the mapping between