Fixing OWASP Top 10 Vulnerabilities in the TIM System (original title: OWASP Top 10 -haavoittuvuuksien korjaaminen TIM-järjestelmästä)

Modern web applications are complex, which is why they may contain various vulnerabilities. A web application called The Interactive Material (TIM) is being developed at the Department of Mathematical Information Technology, University of Jyväskylä. Documents stored in TIM can contain interactive components, and students are able, for instance, to make their own notes in the documents. This thesis presents the most common vulnerabilities found in web applications according to the OWASP Top 10 and explores which of these vulnerabilities are present in the current version of TIM and how they can efficiently be fixed. Both penetration testing and systematic source code analysis are applied in the process of finding vulnerabilities. As a result of this constructive study, we obtain a set of implementation techniques with the help of which the vulnerabilities can be avoided.

Bibliographic Details
Main Author: Lehtinen, Mika
Other Authors: Faculty of Information Technology, Department of Mathematical Information Technology, University of Jyväskylä
Format: Master's thesis
Language: Finnish
Published: 2015
Subjects: OWASP, TIM, applications (sovellukset), vulnerability (haavoittuvuus)
Online Access: https://jyx.jyu.fi/handle/123456789/47871