Since 1984 and the commercialization of the Internet, the number of computers linked to the Internet as hosts has grown from approximately 1000 in 1984 to over 150 million1 in 2005. This growth means that there are more than 150 million people providing, using and sharing resources and information via the public network. These users and hosts are located all over the globe and are in every country that has access to the Internet. Different types of information and resources are available in many different forms, from informational web sites (static content), to interactive sites that display different results depending on the interaction (dynamic content) of the user. As with every population, you will have “good guys” and “bad guys” and every web site can fall victim to criminal activities. This paper will explain some of the different ways that criminals can do harm or get unauthorized information and how programmers can stop this by implementing security into their programming code.
What is a Web application
When web pages were first implemented they only displayed unchanging information, which is called static content. They may have included hyperlinks that would point to other web sites or web pages, which made it easy for users to get information from multiple or related web sites. These web sites didn’t offer any interactivity with users and didn't require user input. Techniques and programming languages were developed that allows newer web pages to include text boxes, check boxes, radio buttons, drop down lists and command buttons so that the user can provide data, information and commands to the web site. These web sites that change consists of dynamic web content and are also called interactive. Dynamic content is material on a Web page that is added or altered, usually after the page has been loaded by the Web browser and usually in response to actions or requests by the user.
This document is in PDF format. To view it click here.