A Web-based Integrated Console for Controlling a Set of Networks (WICCSN) - PowerPoint PPT Presentation

Description:

A Web-based Integrated Console for Controlling a Set of Networks (WICCSN): an N-tier web application. Presented by: Tuan Anh Nguyen & Shamima Rahman

Slides: 18
Provided by: UHCL4

Transcript and Presenter's Notes

1
A Web-based Integrated Console for Controlling a Set of Networks (WICCSN)
  • An N-tier web application
  • Presented by: Tuan Anh Nguyen, Shamima Rahman
  • Course: CSCI5234 (Web Security)
  • Instructor: Dr. Andrew Yang
  • Fall 2005

2
Overview
  • Project Specifications.
  • Project Design
  • Logical architecture of WICCSN
  • Design Overview of WICCSN
  • Database Structure.
  • Application Vulnerabilities
  • Project Snapshots
  • References

3
Project Specifications
  • Title: A Web-based Integrated Console for
    Controlling a Set of Networks (WICCSN).
  • Definition: An online management tool for viewing
    the specifications of the equipment/devices used in
    a network through a web interface.
  • The targeted network is the Distributed Computer
    Security Lab (DCSL).

4
Project Specifications (cont.)
  • Special Feature: WICCSN follows the n-tier
    application template, with the database server as
    the back-end tier, the web server as the middle tier
    and the user's web browser as the front tier.
  • Technologies
    • WICCSN is composed of HTML and JavaServer Pages
      (JSP)
  • Technical Specification for deployment
    • DBMS: Oracle 8i Enterprise Edition
    • Server: Tomcat 5.5.9

5
Project Design
  • Logical architecture of WICCSN

6
Application Vulnerabilities
Potential vulnerabilities common to 3-tier web-based applications

7
Application Vulnerabilities (contd.)
  • Plain, insecure communication between the web
    client and the web server.
  • The data exchanged between the web client and the
    web server can be intercepted easily with a protocol
    analyzer or network snooper.
  • Even the login information is revealed to
    snoopers, as account names and passwords are
    transferred in clear text.
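
A deployment check for the cleartext exposure described on this slide, as an added example that is not part of the original presentation or the WICCSN code. It reads a Servlet deployment descriptor (`web.xml`, the mechanism Tomcat uses to require TLS through `transport-guarantee`) and lists the paths the container would still serve over plain HTTP. The descriptor and the page paths are constructed for illustration, and `http-method` restrictions are ignored.

```python
import xml.etree.ElementTree as ET

# Constructed descriptor for illustration (not WICCSN's real web.xml);
# every path below is hypothetical.
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>admin</web-resource-name><url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>update</web-resource-name><url-pattern>/admin/update.jsp</url-pattern>
    </web-resource-collection>
    <user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
  </security-constraint>
</web-app>"""

def load_constraints(xml_text):
    """Map each url-pattern to the transport guarantees declared for it."""
    table = {}
    for sc in ET.fromstring(xml_text).findall(".//{*}security-constraint"):
        guarantee = sc.findtext(".//{*}transport-guarantee", "NONE").strip()
        for pat in sc.findall(".//{*}url-pattern"):
            table.setdefault(pat.text.strip(), []).append(guarantee)
    return table

def _rank(pattern, path):
    """Servlet matching order: exact, longest prefix, extension, default."""
    if pattern == path:
        return (3, 0)
    if pattern.endswith("/*") and (path + "/").startswith(pattern[:-1]):
        return (2, len(pattern))
    if pattern.startswith("*.") and path.endswith(pattern[1:]):
        return (1, 0)
    return (0, 0) if pattern == "/" else None  # None means no match

def cleartext_paths(xml_text, paths):
    """Return the paths the container would still serve over plain HTTP."""
    table, exposed = load_constraints(xml_text), []
    for path in paths:
        ranked = [(r, p) for p in table if (r := _rank(p, path)) is not None]
        # No constraint, or any NONE on the best-matching pattern, permits HTTP.
        if not ranked or "NONE" in table[max(ranked)[1]]:
            exposed.append(path)
    return exposed

if __name__ == "__main__":
    print(cleartext_paths(SAMPLE_WEB_XML, ["/login.jsp", "/admin/insert.jsp", "/admin/update.jsp"]))
```

The login page is reported because no constraint covers it, and `/admin/update.jsp` is reported because only the constraints on the best-matching pattern apply, so its exact-match `NONE` entry overrides the `CONFIDENTIAL` prefix rule.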

8
Application Vulnerabilities (contd.)
  • The communication between the web server and the
    database server is also not secure.
  • It may disclose the transmitted data to snoopers.
  • Attackers can intercept the data in transmission
    and modify it before it is sent on to the web
    server. In this situation, a man-in-the-middle
    attack (MIA) can occur.

9
Project Design (contd.)
  • Design Overview of WICCSN

10
Project Design (contd.)
  • Database Structure

11
Project Design (contd.)
  • Database Structure

12
Project Snapshots (contd.)
  • Login Page

13
Project Snapshots (contd.)
  • Insert Page

14
Project Snapshots (contd.)
  • Update Page

15
Project Snapshots (contd.)
  • Update Page

17
Thank you