In this paper we examine the security issues in functionality extension mechanisms supported by web browsers. Extensions (or “plug-ins”) in modern web browsers enjoy unlimited power without restraint and thus are attractive vectors for malware. To solidify the claim, we take on the role of malware writers looking to assume control of a user’s browser space. We have taken advantage of the lack o...

Today the World Wide Web is considered to be a platform for building distributed applications. This evolution is made possible by browsers with processing capabilities and by programming languages that allow web designers to embed real programs into HTML documents. Downloading and executing code from anywhere on the Internet brings security problems along with it. A systematic and thorough anal...

The growth of the Internet and the World Wide Web has led to demand for Web extensions, such as the ability to run server-supplied code on a Web client. We examine the HotJava Web browser and the Java language in which it is implemented. We demonstrate several attacks that compromise HotJava's security. Some of these attacks are made possible through browser code that fails to enforce access pe...

The rapid growth of networking, data sharing, and the Internet has made computer security an important part of computer research and development. A number of highly secure operating systems have been developed to handle the increasing need for security. These operating systems, typically called Trusted Operating Systems, offer a number of security mechanisms that can help protect information, m...

In network communication age, information technology is being at the continuous and rapid evolution process. Network access equipment, information system and Web Apps must rapidly and continuously update to meet the user interested requirements. Major challenge of Web Apps frequent changes is the security of user personal data and transactions information. Vulnerability scanning and penetration...

Web services are self-contained modular applications that provide a computation upon request. These services can be described, published, located, and invoked over a network, generally over the Internet. However, intranets, extranets, and LANs can also be used. as well. In using web services for its information systems needs, a firm may open access to its information assets. This action can bec...

Securing web-based systems involves a whole host of security components and practices, such as managing user digital identities, user authorizations, creating a web portal, implementing single sign-on, managing and monitoring servers and other resources critical to the enterprise web. This paper describes some of the real world challenges encountered in implementing enterprise web security, and...

This paper first describes the developments in semantic web and then provides an overview of secure semantic web. In particular XML security, RDF security, and secure information integration and trust on the semantic web are discussed. Finally directions for research on secure semantic web are provided.

Background and objectives: Iran was reported in the high-risk group of World Food Security Map in 2008 .Identifying food insecurity is first step for executing interventions. Measuring household food security is its cornerstone. SAMAT System was designed to provide a variety of GIS-based reports to policy makers and managers in the field of food security. Methods and Materials: SAMAT system wa...

Web Services are widely used to provide services and exchange data among business units, customers, partners and suppliers for enterprises. Although Web Services significantly improve the interaction and development of processes in the business world, they raise several security concerns, since they greatly increase the exposure of critical enterprise data. Web Services exchange data using SOAP...