Mode Switching for Secure Web Applications - A Juice Shop Case Scenario

Michael Riegler; Johannes Sametinger

doi:10.1007/978-3-030-87101-7_1

Mode Switching for Secure Web Applications - A Juice Shop Case Scenario

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

Abstract

Switching modes is a general mechanism that is used in many domains. We have suggested to use it for security purposes to make systems more resilient when vulnerabilities are known or when attacks are performed. OWASP provides several vulnerable web applications for testing and training security skills. We have the idea of applying mode switching to one of these applications in order to demonstrate its usefulness in increasing security. We have chosen Juice Shop as our sample application. In this paper (i) we suggest a multi-modal architecture for web applications; (ii) we present Juice Shop as our web application scenario; and (iii) we show first reflections on how mode switching can reduce attack surfaces and, thus, increase resilience.

Original language	English
Title of host publication	32nd DEXA Workshops, September 27 - 30, 2021, Vienna, Austria, virtual.
Publisher	Springer, Cham
Pages	3-8
Number of pages	6
Volume	1479
ISBN (Print)	978-3-030-87100-0
DOIs	https://doi.org/10.1007/978-3-030-87101-7_1
Publication status	Published - 2021

Publication series

Name	Communications in Computer and Information Science

Fields of science

202017 Embedded systems
102002 Augmented reality
102006 Computer supported cooperative work (CSCW)
102015 Information systems
102020 Medical informatics
102022 Software development
102034 Cyber-physical systems
201132 Computational engineering
201305 Traffic engineering
207409 Navigation systems
502032 Quality management
502050 Business informatics
503015 Subject didactics of technical sciences

JKU Focus areas

Digital Transformation

Access to Document

10.1007/978-3-030-87101-7_1

Software Security
Sametinger, J. (PI)
01.01.2009 → 31.12.2026
Project: Other › Project from scientific scope of research unit

Cite this

@inproceedings{144f1fbd7e8b46ac98b3cc4212cf0d6c,

title = "Mode Switching for Secure Web Applications - A Juice Shop Case Scenario",

abstract = "Switching modes is a general mechanism that is used in many domains. We have suggested to use it for security purposes to make systems more resilient when vulnerabilities are known or when attacks are performed. OWASP provides several vulnerable web applications for testing and training security skills. We have the idea of applying mode switching to one of these applications in order to demonstrate its usefulness in increasing security. We have chosen Juice Shop as our sample application. In this paper (i) we suggest a multi-modal architecture for web applications; (ii) we present Juice Shop as our web application scenario; and (iii) we show first reflections on how mode switching can reduce attack surfaces and, thus, increase resilience.",

author = "Michael Riegler and Johannes Sametinger",

year = "2021",

doi = "10.1007/978-3-030-87101-7_1",

language = "English",

isbn = "978-3-030-87100-0",

volume = "1479",

series = "Communications in Computer and Information Science",

publisher = "Springer, Cham",

pages = "3--8",

booktitle = "32nd DEXA Workshops, September 27 - 30, 2021, Vienna, Austria, virtual.",

}

Mode Switching for Secure Web Applications - A Juice Shop Case Scenario. / Riegler, Michael; Sametinger, Johannes.
32nd DEXA Workshops, September 27 - 30, 2021, Vienna, Austria, virtual.. Vol. 1479 Springer, Cham, 2021. p. 3-8 (Communications in Computer and Information Science).

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

TY - GEN

T1 - Mode Switching for Secure Web Applications - A Juice Shop Case Scenario

AU - Riegler, Michael

AU - Sametinger, Johannes

PY - 2021

Y1 - 2021

N2 - Switching modes is a general mechanism that is used in many domains. We have suggested to use it for security purposes to make systems more resilient when vulnerabilities are known or when attacks are performed. OWASP provides several vulnerable web applications for testing and training security skills. We have the idea of applying mode switching to one of these applications in order to demonstrate its usefulness in increasing security. We have chosen Juice Shop as our sample application. In this paper (i) we suggest a multi-modal architecture for web applications; (ii) we present Juice Shop as our web application scenario; and (iii) we show first reflections on how mode switching can reduce attack surfaces and, thus, increase resilience.

AB - Switching modes is a general mechanism that is used in many domains. We have suggested to use it for security purposes to make systems more resilient when vulnerabilities are known or when attacks are performed. OWASP provides several vulnerable web applications for testing and training security skills. We have the idea of applying mode switching to one of these applications in order to demonstrate its usefulness in increasing security. We have chosen Juice Shop as our sample application. In this paper (i) we suggest a multi-modal architecture for web applications; (ii) we present Juice Shop as our web application scenario; and (iii) we show first reflections on how mode switching can reduce attack surfaces and, thus, increase resilience.

U2 - 10.1007/978-3-030-87101-7_1

DO - 10.1007/978-3-030-87101-7_1

M3 - Conference proceedings

SN - 978-3-030-87100-0

VL - 1479

T3 - Communications in Computer and Information Science

SP - 3

EP - 8

BT - 32nd DEXA Workshops, September 27 - 30, 2021, Vienna, Austria, virtual.

PB - Springer, Cham

ER -

Mode Switching for Secure Web Applications - A Juice Shop Case Scenario

Abstract

Publication series

Fields of science

JKU Focus areas

Access to Document

Projects

Software Security

Cite this