Peter Rot (2015) Development of a web store protected with certificates. EngD thesis.
Abstract
Each year web stores attract more customers. When programming these types of applications we have to consider two things: implementation of functionality and ensuring web security. A web store with three modules has been developed in the following thesis (a module for buyers, sellers and also for managing supplies). Special emphasis during development is placed on security. We also considered the guidelines from the OWASP organization. A defense against injection, XSS and CSRF has been implemented, as well as against attacks that exploit the broken authentication and session management. In addition, self-signed certificates X.509 were created which are necessary for signing in back-end system.
Actions (login required)