| Web代码安全人工审计内容的研究 |
| |
| 引用本文: | 何斌颖,杨林海.Web代码安全人工审计内容的研究[J].江西科学,2014,32(4):536-538. |
| |
| 作者姓名: | 何斌颖 杨林海 |
| |
| 作者单位: | 云南工商学院,651700,昆明 |
| |
| 摘 要: | Web系统的大量应用,各种安全事故频发,除了操作系统的安全漏洞以外,web系统的代码在编制的时候,不良的编码习惯、对操作过程中在代码中显露出安全重视不够等因素,导致系统在生产线中存在或大或小的隐患。web系统上线之前,系统一般会进行白盒、黑盒测试,但是并不能保障足够的安全,还应对代码和运行环境等进行详细的人工审计,可以大大减少安全事故。
|
| 关 键 词: | 代码审计 白盒 黑盒 安全漏洞 安全渗透 |
A Study of Web Artificial Code Security Audit |
| |
| HE Binying,YANG Linhai.A Study of Web Artificial Code Security Audit[J].Jiangxi Science,2014,32(4):536-538. |
| |
| Authors: | HE Binying YANG Linhai |
| |
| Institution: | ( Yunnan Technology and Business University, 651700, Kunming, PRC) |
| |
| Abstract: | Web system are commonly applicated in many enterprises, frequent accidents of all kinds of security are occured, in addition to the security bugs of the operating system, during programming, poor coding practices, exhibited in the operation code factors such as insufficient attention to safety, causing the system to present on the production line or greater or lesser risk. Generally web system should make the white box and black box testing, but does not guarantee adequate security. This article before the detailed manual audit code and runtime environment, can significantly reduce safty problem. |
| |
| Keywords: | code audit white box black box bugs security penetration |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
