Academic
Publications
Early Detection of Security Misconfiguration Vulnerabilities in Web Applications

Early Detection of Security Misconfiguration Vulnerabilities in Web Applications,10.1109/ARES.2011.31,Birhanu Eshete,Adolfo Villafiorita,Komminist Wel

Early Detection of Security Misconfiguration Vulnerabilities in Web Applications  
BibTex | RIS | RefWorks Download
This paper presents a web-based tool to supple- ment defense against security misconfiguration vulnerabilities in web applications. The tool automatically audits security con- figuration settings of server environments in web application development and deployment. It also offers features to automat- ically adjust security configuration settings and quantitatively rates level of safety for server environments before deploying web applications. Using the tool, we were able to evaluate eleven server packages for Apache, PHP and MySQL across three operating system platforms. Our evaluation revealed that the tool is able to audit current security configuration settings and alert users to fix the server environment to achieve the level of safety of security configuration with respect to recommended configurations for real-life web application deployment. Keywords-Web Applications; Security; Configuration; Web Server Environments; Deployment;
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.