Security in Open Source Web Content Management Systems

被引：11

作者：

Meike, Michael

Sametinger, Johannes ^{[1
]}

Wiesauer, Andreas ^{[1
]}

机构：

[1] Johannes Kepler Univ Linz, Dept Business Informat, Lintz, Austria

来源：

IEEE SECURITY & PRIVACY | 2009年 / 7卷 / 04期

关键词：

Electronic commerce; Internet application; Open source software; Security;

D O I：

10.1109/MSP.2009.104

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Typically, users of Web content management systems lack expert knowledge of the technology itself, let alone the security issues therein. Complicating the matter, WCMS vulnerabilities are attractive targets for potential attackers. A security analysis of two popular, open-source WCMSs exposed significant security holes, despite the obvious efforts of their developer communities. These vulnerabilities leave the applications and their nonexpert users open to exploitation. © 2006 IEEE.

引用

页码：44 / 51

页数：8

共 13 条

[1]

[Anonymous], 2003, COMMUN ASSOC INF SYS, DOI DOI 10.17705/1CAIS.01133

[2]

Collins H., 2003, Enterprise knowledge portals: Next-generation portal solutions for dynamic information access, better decision making, and maximum results

[3]

*COMP DES, MAN WEBS US JOOML 30

[4]

*DRUP ASS, 2006, WRIT SEC COD

[5]

Hallikainen P, 2002, P 35 HAW INT C SYST, P238

[6]

Hoglund Greg, 2004, Exploiting Software: How to Break Code

[7]

HOWARD M, 2001, WRITING SECURE CODE

[8] Towards an integrated conceptual model of security and dependability [J].

Jonsson, Erland .

First International Conference on Availability, Reliability and Security, Proceedings, 2006, :646-653

[9]

MCGRAW G, 2006, SFTWARE SECURITY BUI

[10]

Newman R., 2006, Proceedings of the 3rd annual conference on Information security curriculum development, P68

← 1 2 →