Online Book store Course Name: Web Security Project 1 Presented by Amruta Raichurkar Videhi Patel
Overview • Design • Workflow • Potential vulnerabilities
Design • 3 tier structure • UML sequence diagram
Workflow • As user • As administrator
Database • Tables - Members - Categories - Items - Orders - Card Types
Potential Vulnerabilities • Cross-site scripting (XSS): the act of writing malicious script code and tricking another user's web browser into running it by way of a third party's web server. It attempts to steal the cookie value of the user's session and use it to log into the website. Example: <b>foo</b> <script language='javascript'>alert(document.cookie)</script>
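The XSS slide's sample string, rendered with and without output encoding. This is an added example, not code from the original slides or the bookstore project; the class and method names are hypothetical, and StringBuilder assumes Java 5 or later (on J2SE 1.4.2, StringBuffer is the equivalent).

```java
// Added illustration; HtmlEncodeDemo and its method names are hypothetical.
public class HtmlEncodeDemo {

    // Encode the five characters that let text break out of HTML element
    // content or a quoted attribute value.
    static String encodeHtml(String input) {
        if (input == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(input.length() + 16);
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Vulnerable pattern: user-supplied text concatenated into the page as-is.
    static String renderUnsafe(String comment) {
        return "<p class=\"review\">" + comment + "</p>";
    }

    // Hardened pattern: encode at the point of output.
    static String renderSafe(String comment) {
        return "<p class=\"review\">" + encodeHtml(comment) + "</p>";
    }

    public static void main(String[] args) {
        // Constructed sample input: the string shown on the slide.
        String comment = "<b>foo</b> <script language='javascript'>"
                + "alert(document.cookie)</script>";
        String unsafe = renderUnsafe(comment);
        String safe = renderSafe(comment);
        System.out.println("unsafe: " + unsafe);
        System.out.println("safe:   " + safe);
        // After encoding, the input contributes no live tag to the page.
        System.out.println("live <script> in unsafe: " + unsafe.contains("<script"));
        System.out.println("live <script> in safe:   " + safe.contains("<script"));
    }
}
```

This encoding covers HTML element content and quoted attribute values only; data written into script blocks or URLs needs encoding for that context.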
Potential Vulnerabilities • Impersonating a user or system: a malicious user acts as the legitimate receiver of a packet and steals it. The intended receiver does not get a copy of this packet.
Tools • J2SE 1.4.2 • Tomcat 4.1 • MySQL 4.1