The term is new, but concept is not. Throughout the history of
computing, IT organizations have been using their own infrastructure to
host applications, data, servers etc. Now most of them are renting the
infrastructure, with remote servers to host their application or data.
Organizations called service providers exist especially to provide,
manage and maintain the infrastructure on which their client
organization’s application or data are hosted. The client organization
gets access controls to manage their applications and data hosted on the
remote server. This is the main idea behind cloud computing. More here....
Three Researchers -- MIT's Adam Kiezun , Stanford's Philip Guo , and Syracuse University's Karthick Jayaraman -- has developed a new tool ' Ardilla ' that automatically finds and exploits SQL injection and cross-site scripting vulnerabilities in Web applications. It creates inputs that pinpoint bugs in Web applications and then generates SQL injection and XSS attacks. But for now Ardilla is for PHP -based Web app only. The researchers say Ardilla found 68 never-before found vulnerabilities in five different PHP applications using the tool -- 23 SQL injection and 45 XSS flaws. More information is awaited. For their attack generation techniques refer to their document at: http://www.cs.washington.edu/homes/mernst/pubs/create-attacks-tr054.pdf
Comments