Security of web applications

Document Type

News Article


Web applications are trusted by billions of users for performing day-to-day activities. Accessibility, availability and omnipresence of web applications have made them a prime target for attackers. A simple flaw in the application could allow an attacker to steal sensitive information and perform adversary actions, and hence it is important to secure web applications from attacks.

The security of the application is compromised due to the following factors: (i) The availability of business processing logic on the client-side, assists the attacker to trigger an attack against the end-user, (ii) The limited security support offered by the current widely used application development frameworks makes them prone to attacks, (iii) The interoperability and openness of XML used for providing interaction between heterogeneous web applications make them an easy target for attackers, and (iv) Further, web applications are implemented by developers focusing on correct and efficient implementation of functionality of the application rather than the security aspects. As a result, existing web applications are more vulnerable to attacks, and the exploitation of these vulnerabilities compromises the confidentiality, integrity and availability of data. Hence, a substantial amount of research is required to secure web applications by preventing vulnerabilities and extenuating attacks.

Further reading

  1. https://www.sciencedirect.com/science/article/abs/pii/S1084804518300225
  2. https://link.springer.com/article/10.1007/s10207-016-0359-4
  3. https://www.sciencedirect.com/science/article/abs/pii/S0164121216301571
  4. https://www.sciencedirect.com/science/article/abs/pii/S0950584916300234

Publication Date

Winter 11-1-2022