Evaluation of Web Application Security Risks and Secure Design Patterns

Abstract

The application of security in web application is of profound importance due to the extended use of web for business. Most of the attacks, are either because the developers are not considering security as a concern or due to the security flaws in designing and developing the applications. The enforcement of security in the software development life cycle of the application may reduce the high cost and efforts associated with implementing security at a later stage. For this purpose, various attempts has been made to define some security patterns keeping the attacks in mind. The developers now can use these patterns but sometimes it is difficult to choose a pattern from the large list, which may or may not suit the context. This paper is based on analyzing the existing security patterns. Here web application vulnerabilities has been classified and pairing is done between each vulnerability and a suitable pattern.