Next Article in Journal
The Learning of an Opponent's Approximate Preferences in Bilateral Automated Negotiation
Previous Article in Journal
An Assessment of Design Patterns' Influence on a Java-based E-Commerce Application
 
 
Journal of Theoretical and Applied Electronic Commerce Research is published by MDPI from Volume 16 Issue 3 (2021). Previous articles were published by another publisher in Open Access under a CC-BY 3.0 licence, and they are hosted by MDPI on mdpi.com as a courtesy and upon agreement with Faculty of Engineering of the Universidad de Talca.
Article

A Semantic Data Validation Service for Web Applications

1
Isra University, Science and IT Faculty
2
Yarmouk University, Computer Science Department, IT Faculty
J. Theor. Appl. Electron. Commer. Res. 2010, 5(1), 39-55; https://doi.org/10.4067/S0718-18762010000100005
Received: 13 August 2009 / Revised: 9 December 2009 / Accepted: 3 March 2010 / Published: 1 April 2010
An Input validation can be a critical issue. Typically, a little attention is paid to it in a web development project, because overenthusiastic validation can tend to cause failures in the software, and can also break the security upon web applications such as an unauthorized access to data. Now, it is estimated the web application vulnerabilities (such as XSS or SQL injection) for more than two thirds of the reported web security vulnerabilities. In this paper, we start with a case study of the bypassing data validation and security vulnerabilities such as SQL injection and then go on to discuss the merits of a number of common data validation techniques. We also review the different solutions to date to provide data validation techniques in ecommerce applications. From this analysis, a new data validation service which is based upon semantic web Technologies, has been designed and implemented to prevent the web security vulnerabilities at the application level and to secure the web system even if the input validation modules are bypassed. Our semantic architecture consists of the following components: RDFa annotation for elements of web pages, interceptor, RDF extractor, RDF parser, and data validator. The experimental results of the pilot study indicate that the proposed data validation service might provide a detection, and prevention of some web application attacks.
Keywords: Web Application; Data Validation; Vulnerabilities; e-Commerce; SQL injection; Web system; On the fly; Data Tampering Web Application; Data Validation; Vulnerabilities; e-Commerce; SQL injection; Web system; On the fly; Data Tampering
MDPI and ACS Style

Aljawarneh, S.; Alkhateeb, F.; Maghayreh, E.A. A Semantic Data Validation Service for Web Applications. J. Theor. Appl. Electron. Commer. Res. 2010, 5, 39-55. https://doi.org/10.4067/S0718-18762010000100005

AMA Style

Aljawarneh S, Alkhateeb F, Maghayreh EA. A Semantic Data Validation Service for Web Applications. Journal of Theoretical and Applied Electronic Commerce Research. 2010; 5(1):39-55. https://doi.org/10.4067/S0718-18762010000100005

Chicago/Turabian Style

Aljawarneh, Shadi, Faisal Alkhateeb, and Eslam Al Maghayreh. 2010. "A Semantic Data Validation Service for Web Applications" Journal of Theoretical and Applied Electronic Commerce Research 5, no. 1: 39-55. https://doi.org/10.4067/S0718-18762010000100005

Find Other Styles

Article Access Map by Country/Region

1
Only visits after 24 November 2015 are recorded.
Back to TopTop