Please help with this question!

Apr 26th, 2015
SoccerBoss
Category:
Computer Science
Price: $20 USD

Question description

Securing Programs

This week, you will look at the infrastructure of secure programs and some of the components that provide security. Using your online lectures, experience, and research, respond to the following questions:

  • Input validation is a layer of indirection between what a user enters and what is executed in a program. Why is this a significant concern on the web? What circumstances involving web pages make this a unique platform for entering malicious input? Give at least two examples of vulnerabilities for web applications that result from users entering malicious input into form fields.
  • What steps can be taken for input validation in cases in which the entry does not meet regular criteria, such as a phone number in which the pattern can be predicted? What is an example of input that does not have a regular pattern? How could this be protected by input validation?
  • Some web deployments call on precompiled components or libraries, such as NetBeans and C executables. How could these systems be protected from injection by users? Why might this be necessary?

Choose a programming language (such as Java, JavaScript, C, C++, Perl, PHP, etc.) and research using the Internet and South University Online Library resources to answer the following questions:

  • What are the primary security issues reported for this language?
  • Are there any known compiler or interpreter issues that introduce security vulnerabilities to this language?
  • How does this language handle bounds checking for arrays? Does this prevent or facilitate buffer overflows?
  • How does this language process strings from the user? Does this leave any security holes?
  • Is this language compiled or interpreted?
  • How is this language affected by deployment? Justify your answer.
  • Can the vulnerabilities of this language be corrected by defensive programming? Justify your answer.
  • Does this language provide authentication mechanisms?
  • Is the source code of this language accessible to the end user?
  • Is access control possible with this language? Why or why not?

Tutor Answer

(Top Tutor) Daniel C.
(997)
School: Duke University
PREMIUM TUTOR

Studypool has helped 1,244,100 students

8 Reviews


Summary
Quality
Communication
On Time
Value
tinytim47
Nov 30th, 2016
" Wow this is really good.... didn't expect it. Sweet!!!! "
Five Star Tutor
Nov 21st, 2016
" Outstanding Job!!!! "
mixedballz
Nov 17th, 2016
" excellent work as always thanks for the help "
lilmoe415
Nov 8th, 2016
" Thank you, Thank you, for top quality work, this is your guy!! "
darnay
Oct 25th, 2016
" The best tutor out there!!!! "
dontuwannaknow
Oct 16th, 2016
" Excellent work as always thanks so much "
SjSurvivor143
Oct 3rd, 2016
" Thanks for the help. "
Joemoe
Sep 19th, 2016
" <3 it, thanks for saving me time. "
Ask your homework questions. Receive quality answers!

Type your question here (or upload an image)

1822 tutors are online

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors