| Along with the increasing of network bandwidth, popularity of mobile internet, diversity of network terminations, the traditional applications are withdrawing from market due to their high dependency with operating system. On the contrary, web applications with B/S(Browser/Server) structure are dominating the market for the low cost of installing and maintaining. Consequently, how to defence security issues of web applications is becoming a new subject.In this article, we studied the whole course of working out the solution on application level for an old, complex and big enterprise web application according to the suggestions from OWASP.Recorded in the six chapters of this paper, firstly we studied the characteristics of enterprise web applications, and then we analyzed the ways of network security threats and defence. Then we made the plan of test schema and test tools by the life cycle and characteristics of the application, and we implemented the security solutions for the security flaws found during the testing.Finally the implemented solution passed the verifications and runs in the production environment already, which is protecting the sensitive data for clients, improving the security, defensing the network attacks. Now the application meets the new requirements of security.It has great significance to research how to find and implement the tailored positive security solution for big web applications according to the characteristics of real applications. |
PDF Full Text Request