Misc. Announcements
• Backup your work!
• Document team members' contributions (so that if there is any dispute …)
• More bonus credits: create screencasts for Web service consumption and/or production using NetBeans 7.0
• Pre-Test 2 (with past test questions!), Prototype Demo, and Final Milestone specs are posted!
• Which teams go first? Two options:
  • Any volunteers for the first meeting day during the final presentation week? We need at least three! (notify me the day before)
  • Consolidate project presentations into one marathon day (on the 2nd meeting day); work on your project on the 1st meeting day
• Check website/email on the day before
Misc. Announcements
• Project presentations will be held in OU 129.
• Make sure that you load everything you need onto the IT GlassFish and Derby servers (not localhost) and be ready to present by simply typing the URL when you're at the lead station. You are not to load anything on the lead station!
• Project presentation order (alphabetical): TBA
• Send me an email indicating your preference (go 1st, go last, etc.) if you have any.
I'd probably cover the following topics in greater detail
• Security
  • SQL injection & XSS (Cross-Site Scripting)
  • HTTPS
  • Various server-supported authentication schemes, etc.
• More Web services
  • REST
  • SOAP, WSDL, UDDI
• More XML
  • XML parsing: DOM, SAX
  • XSLT (Extensible Stylesheet Language Transformations)
  • DTD / XML Schema
Topics (cont'd)
• Mobile development
  • Android, iOS
  • M-Commerce (mobile commerce)
• Deploying a WAR to the server
• More architectural issues
  • Scalability
  • Reliability
• Portal development
• etc.
SQL Injection
• "SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed." [Wikipedia …]
• "A form of attack on a database-driven Web site in which the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet. SQL injection attacks are used to steal information from a database from which the data would normally not be available and/or to gain access to an organization's host computers through the computer that is hosting the database." [UCLA …]
SQL Injection
• Consider the following code segment for LoginServlet (the user-supplied values are pasted straight into the SQL text):

    String queryStr = "Select count(*) from IdPassword where Id = '" + userName
                    + "' and Password = '" + password + "'";
    rs = stmt.executeQuery(queryStr);
    // If the login info is invalid, rs will still have a row, but the count will be 0.
    // Otherwise the login is good.
    rs.next(); // get the count
    if (rs.getInt(1) == 0)
        outStr += "Your login info is incorrect. Try again.";
    else
        outStr += "Welcome back, " + userName + ". Please buy something this time :)";
SQL Injection
• Now consider the input:
  • Id: 12345' OR '1'='1
  • Password: abcxyz' OR '1'='1
• The hacker gets in!!!
• Instead of
    Select count(*) from IdPassword where Id = '11111' and Password = 'helloJava';
  you issue the query
    Select count(*) from IdPassword where Id = '12345' or '1'='1' and Password = 'abcxyz' or '1'='1';
• Because '1'='1' is always true, the WHERE clause matches every row, the count is nonzero, and the login check passes without a valid Id/Password pair.
SQL Injection
• Another example of SQL injection:
    http://www.foo.com/news.jsp?story='100' UNION SELECT number from creditcards where type='visa'
• This effectively makes the SQL statement:
    SELECT story from news where id='100' UNION SELECT number from creditcards where type='visa'
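The two slides above share one root cause: the query text is assembled by string concatenation, so a quote in the input ends the literal and the rest of the input becomes SQL. The following is an added example, not the lecture's own code, that rebuilds the LoginServlet query exactly as the slide does (so you can print what the database actually receives) and places a parameterized JDBC version of both the login check and the news.jsp story lookup beside it. Table and column names (IdPassword, Id, Password, news, id, story) come from the slides; the method names and the use of a plain java.sql.Connection are assumptions.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

/*
 * Added example (not the lecture's code). Shows the concatenated login query
 * from the LoginServlet slide next to a PreparedStatement replacement, plus a
 * parameterized form of the news.jsp lookup. Method names are assumed.
 */
public class SqlInjectionDemo {

    // Vulnerable: builds the query text exactly as the LoginServlet slide does.
    static String buildLoginQuery(String userName, String password) {
        return "Select count(*) from IdPassword where Id = '" + userName
             + "' and Password = '" + password + "'";
    }

    // Fixed: the values are bound as parameters. A quote inside the input stays
    // part of the value and can no longer change the structure of the SQL.
    static boolean loginOk(Connection conn, String userName, String password)
            throws SQLException {
        String sql = "Select count(*) from IdPassword where Id = ? and Password = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, userName);
            ps.setString(2, password);
            try (ResultSet rs = ps.executeQuery()) {
                rs.next();                // count(*) always yields one row
                return rs.getInt(1) > 0;  // same decision rule as the slide
            }
        }
    }

    // Fixed version of the news.jsp lookup from the UNION slide: the story id is
    // bound as a parameter, so "UNION SELECT ..." in the URL is just a
    // non-matching id value, not additional SQL.
    static String findStory(Connection conn, String storyId) throws SQLException {
        try (PreparedStatement ps =
                 conn.prepareStatement("SELECT story from news where id = ?")) {
            ps.setString(1, storyId);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString(1) : null;
            }
        }
    }

    public static void main(String[] args) {
        // The slide's inputs: each closes the quoted literal and appends OR '1'='1'.
        String q = buildLoginQuery("12345' OR '1'='1", "abcxyz' OR '1'='1");
        System.out.println(q);
        // With AND binding tighter than OR, the WHERE clause reads
        //   Id='12345' OR ('1'='1' AND Password='abcxyz') OR '1'='1'
        // and the trailing OR '1'='1' is true for every row, so count(*) > 0.
    }
}
```

Running main prints the query the slide shows being issued. loginOk and findStory need a live Connection (for example to the course's Derby server); the only change from the slide's code is that the SQL text is fixed at compile time and the user's values travel separately as bound parameters.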
A Tour of the Vulnerabilities
• Cross-Site Scripting
  • "Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users." [Wikipedia]
  • Cause: the application writes unvalidated output in an HTTP response.
  • Effect: an attacker is able to write data to the victim's browser. The attacker may exploit a known browser vulnerability, or use JavaScript to run a phishing scam. More advanced attacks against a victim's intranet are possible.
  • Sample code (the parameter is echoed into the response with no encoding):
        String name = request.getParameter("name");
        response.getWriter().println(name);
Ref: SD Times, 2006
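The two-line sample above is dangerous because whatever arrives in the "name" parameter is sent to the browser as HTML. The fix is to encode the value for the context it is written into; for HTML text that means replacing the characters that can start markup. The following is an added example, not the slide's or any library's code: escapeHtml is an assumed helper, GreetingServlet is an assumed servlet that renders the "name" parameter through it, and the Servlet API (javax.servlet) is assumed to be on the classpath as it is on GlassFish.

```java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/*
 * Added example (not the slide's code). escapeHtml and GreetingServlet are
 * assumed names; the servlet echoes the "name" parameter from the XSS slide
 * after encoding it for an HTML text context.
 */
public class GreetingServlet extends HttpServlet {

    // Replace the five characters that can change meaning in HTML text or
    // quoted attribute values. Everything else passes through unchanged.
    static String escapeHtml(String s) {
        if (s == null) return "";
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Builds the page body; kept apart from the servlet plumbing so it can be
    // checked without a container.
    static String render(String name) {
        return "<html><body><h1>Hello, " + escapeHtml(name) + "</h1></body></html>";
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // Declare the charset too: the encoder is only correct for the encoding
        // the browser actually uses to interpret the bytes.
        response.setContentType("text/html;charset=UTF-8");
        // Vulnerable form from the slide, shown for comparison:
        //   response.getWriter().println(request.getParameter("name"));
        response.getWriter().println(render(request.getParameter("name")));
    }

    public static void main(String[] args) {
        // Constructed input containing a script tag; after encoding the browser
        // displays it as literal text instead of executing it.
        System.out.println(render("<script>alert(1)</script>"));
    }
}
```

Note that this encoder is only right for HTML text and attribute values. A value written into a JavaScript block, a URL, or a CSS rule needs the encoding for that context instead, which is why it helps to keep the rendering in one place (render here) rather than scattering println calls through the servlet.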
Vulnerabilities (cont'd)
• Buffer Overflow
  • Cause: an unchecked boundary condition allows an attacker to write data outside the bounds of allocated memory.
  • Effect: an attacker may be able to insert new instructions into the program and have the program execute those instructions.
  • Sample code (gets() has no way to know how large buf is):
        char buf[128];
        gets(buf);