Method and System for Preventing Intrusion in Web Applications

IP.com Disclosure Number: IPCOM000201545D
Publication Date: 2010-Nov-15
Document File: 3 page(s) / 83K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method and system for preventing intrusion in web applications is disclosed. The method includes identifying vulnerabilities that exist in deployed web applications and patching the web applications with the fixes for the vulnerabilities.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 3

Method and System for Preventing Intrusion in Web Applications

Disclosed is a method and system for preventing intrusion in web applications in security critical environments.

Web-based applications are routinely used in security-critical environments, such as medical, financial, and government systems. Typically, the programmers who develop web applications do not understand the security aspects of the enterprise network in which the web applications are deployed, while the network administrators who enforce the organization's security have little idea of how the web applications work. As a result, vulnerable web-based applications are deployed and made available to the whole Internet. This creates easily exploitable entry points that may compromise the entire network.

Traditionally, firewalls have been used to protect systems from intrusion. Firewalls filter network packets and block traffic based on ports. However, port "80", which is the entry point for web applications, is always open. This allows external users to interact with the web applications deployed within the enterprise network. Further, when a vulnerability is identified in a deployed web application, a patch containing the fixes may not be available. Also, there is a time lag between the availability of a patch and its deployment in the network. System administrators have no control over how soon the patch containing the fixes will be available. As a result, the network is left vulnerable during this time.

The method and system disclosed allows system administrators to regain control over the security of their networks. Fig. 1 illustrates the system components that identify vulnerabilities in order to protect the web applications from intrusion.

Figure 1

As shown in Fig. 1, a web application vulnerability scanner is provided to identify vulnerabilities in the web applications deployed within an enterprise network. The web application vulnerability scanner spiders the web applications in order to identify all the URLs and parameters associated with a web application. Thereafter, the URLs and parameters are tested for vulnerabilities by passing various payloads as values and analyzing the responses. This may be carried out in an automated manner.
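The spidering and parameter-testing steps described above, as an added example that is not part of the disclosure: a crawler that inventories URLs and form parameters from fetched HTML, and a probe that reports where a harmless marker value is echoed back unescaped. The stub site `app.example`, its handlers and all function names are assumptions constructed for this example; the code assumes a `fetch(url) -> html` callable in place of real HTTP.

```python
# Added example (not from the disclosure): the "spider" step described above, which
# builds an inventory of URLs and parameters from crawled HTML, plus a probe that
# reports where a harmless marker value is reflected unescaped. Constructed stub site.
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlencode, urljoin, urlparse

class _PageParser(HTMLParser):
    """Collects <a href> targets and (action, field names) for each <form>."""
    def __init__(self, base):
        super().__init__(); self.base = base; self.links, self.forms, self._form = [], [], None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.links.append(urljoin(self.base, a["href"]))
        elif tag == "form":  # a form without an action submits to the current page
            self._form = (urljoin(self.base, a.get("action") or self.base), [])
            self.forms.append(self._form)
        elif tag in ("input", "select", "textarea") and self._form and a.get("name"):
            self._form[1].append(a["name"])
    def handle_endtag(self, tag): self._form = None if tag == "form" else self._form

def spider(fetch, start, max_pages=50):
    """Crawl same-host pages via fetch(url) -> html; return {url: set of param names}."""
    host, seen, queue, inventory = urlparse(start).netloc, set(), [start], {}
    while queue and len(seen) < max_pages:
        url = queue.pop(0)
        if url in seen or urlparse(url).netloc != host: continue
        seen.add(url)  # the inventory key is the URL without its query string
        inventory.setdefault(url.split("?", 1)[0], set()).update(parse_qs(urlparse(url).query))
        p = _PageParser(url); p.feed(fetch(url))
        for action, names in p.forms:
            inventory.setdefault(action.split("?", 1)[0], set()).update(names)
        queue.extend(p.links)
    return inventory

def probe_reflection(fetch, inventory, marker="<zqx7>"):
    """(url, param) pairs whose response echoes the harmless marker unescaped."""
    return sorted((u, n) for u, ps in inventory.items() for n in ps
                  if marker in fetch(f"{u}?{urlencode({n: marker})}"))

SITE = {  # constructed stub application standing in for the deployed web application
    "http://app.example/": '<a href="/search?q=books">Search</a>'
                           '<form action="/login"><input name="user"><input name="pw"></form>',
    "http://app.example/search": lambda q: f"<p>Results for {q.get('q', [''])[0]}</p>",
    "http://app.example/login": lambda q: f"<p>Hi {html.escape(q.get('user', [''])[0])}</p>"}

def stub_fetch(url):  # handlers receive the parsed query string
    page = SITE.get(url.split("?", 1)[0], "")
    return page(parse_qs(urlparse(url).query)) if callable(page) else page
```

Running `probe_reflection(stub_fetch, spider(stub_fetch, "http://app.example/"))` flags only the `q` parameter of `/search`, whose handler echoes input without escaping, while the escaping `/login` handler is not flagged.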

In case the source code for the web application is available, a source code scanner may be used in conjunction with the web application vulnerability scanner to identify vulnerabilities. The vulnerabilities identified by the web application vulnerability scanner and the source code scanner point to the URLs and parameters which ar...