本文已被:浏览 1365次 下载 2763次
Received:December 03, 2011 Revised:February 14, 2012
Received:December 03, 2011 Revised:February 14, 2012
中文摘要: Web 扩展对于安全的一贯性具有综合影响。定义了影响安全模型的Web 入侵、网络入侵与Gadget 入侵的行为能力。提出了Web 扩展模型具有Web 概念的浏览器、服务器、协议的类、属性与方法。使用该扩展模型研究了重定向请求到入侵者服务器的交叉区域资源共享安全机制,以及相同区域源网站的引用验证安全机制,分析了两个机制的脆弱性,并提出了忽略重定向请求与禁止出口引用的解决方案。
Abstract:Web extensions for security consistency have a comprehensive impact. It defines the effect of security model capacity in the Web Attacker, Network Attacker and Gadget Attacker. Web extension model proposed the concept of a Web browser, server, protocol type, properties and methods. Finally, it studied using the extended model intruder server redirects the request to cross-origin resource sharing security mechanisms, and the same-origin site refer validation security mechanism, analysis of the vulnerability of the two mechanisms, and proposes ignore redirect request and suppress all outgoing refer solutions.
文章编号: 中图分类号: 文献标志码:
基金项目:
| Author Name | Affiliation |
| HE Xu | Department of Mechatronics and Information Engineering, Dazhou Vocational Technology College, Dazhou 635001, China |
| Author Name | Affiliation |
| HE Xu | Department of Mechatronics and Information Engineering, Dazhou Vocational Technology College, Dazhou 635001, China |
引用文本:
何旭.一种可扩展Web 模型安全机制.计算机系统应用,2012,21(8):89-93
HE Xu.Extensible Web Model Security Mechanism.COMPUTER SYSTEMS APPLICATIONS,2012,21(8):89-93
何旭.一种可扩展Web 模型安全机制.计算机系统应用,2012,21(8):89-93
HE Xu.Extensible Web Model Security Mechanism.COMPUTER SYSTEMS APPLICATIONS,2012,21(8):89-93
