Security of web servers and web services

Research output: Contributions to collected editions/works › Contributions to collected editions/anthologies › Research

Authors

Web servers and the Web services associated with them have become increasingly important in the last few years. Online banking, e-mail, and money, business-to-business (B2B), and business-to-client (B2C) transactions are growing rapidly. It is difficult to imagine modern business without these forms of networking. However, there are also significant negative aspects. In many cases, due to competitive pressures, companies and government agencies had to implement these services very fast, often too fast and without any appreciation of the concepts of security and protection. As a consequence, it turns out that a hacker can, with little effort, misuse these Web services or compromise the underlying database (e.g., to obtain access to credit card numbers or social insurance information). A very significant percentage of the population in developed and developing countries is using wired and wireless connections for reading e-mails, accessing newsgroups, or using Internet banking. All these services are running on a Web server. Most Web servers are running the Apache or the Microsoft Internet Information Server (IIS) (all versions of both servers [Apache 1.3.x/2.x, IIS 3-6]) (Netcraft, 2006). Of these, older versions of the Internet Information Server are especially vulnerable to numerous attacks. Therefore, an attacker is in a position to break, with little effort, into many Web servers running IIS 4 or 5. However, the Apache Web server (running on Windows systems) is also vulnerable to similar attacks. Moreover, using a Web server based on UNIX or Linux is not a guarantee for a secure system. UNIX and Linux systems are also affected by inherent weaknesses and vulnerabilities such as buffer overflows and the handling of format strings (ZDNet, 2006). Readers who would like a more general insight are referred to works by Leiss (1990) and Garfinkel and Spafford (2002). These books give broader perspectives on Internet security.
Original language: English
Title of host publication: Encyclopedia of multimedia technology and networking
Editors: Margherita Pagani
Number of pages: 9
Place of Publication: Hershey, PA
Publisher: Information Science Reference
Publication date: 2009
Pages: 1284-1292
ISBN (print): 978-1605660141, 1605660140
Publication status: Published - 2009
