Application related security issues

Cloud malware injection attack: In this attack a malicious virtual machine or a service implementation is injected into the cloud system. one solution to prevent this is to perform the integrity check to the service instance.

Cookie poisoning: In this an unauthorized access is made into the application by modifying the contents of the cookie. One solution is to clean up the cookie or encrypt the cookie data.
Backdoor and Debug Option: Debug option is for the developers who use it to implement  any changes requested at later stage in a website  since these debug option provides back entry for the  developers, sometimes these debug options are left enabled unnoticed, they may provide easy access to  the hackers  and allow them to make changes in the website.
Hidden Field Manipulation: Certain fields are hidden in the web-site and is used by the developers. Hacker can  easily modify on the web page.

Comments

Post a Comment

Popular posts from this blog

What is Cloud Computing?

“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”          Cloud Computing by NIST It is an internet based computing where all the shared resources ,software and information are provided to the computers and devices on demand. Users can access the information from anywhere and anytime
Keep reading

Cloud service models

• Software as a Service (SaaS):                  -- It offers renting application functionality from a service provider rather than buying, installing and running software by the user. • Platform as a Service ( PaaS ) :                 -- It provides a platform in the cloud, upon which applications can be developed and executed. • Infrastructure as a Service ( IaaS ) :                   -- vendors offer computing power and storage space on demand.
Keep reading