Quality Of Secured Web Applications

ABSTRACT Adding security functions in existing Web application servers is now vital for the IS of companies and organizations. Writing crosscutting functions in complex software should take advantage of the modularity offered by new software development approaches. With Aspect-Oriented Programming AOP separating concerns when designing an application fosters reuse parameterization and maintenance. In this paper we design a security aspect called AOPSec for detecting SQL injection and Cross Scripting Site XSS that are common attacks in web Servers This paper presents a brief description for the mostly used AOP approaches and analyzes them from a security point of view. AspectJ is then considered the most appropriate language to enforce security issues but at the same time it is not complete. This paper shows that some security crosscutting concerns need more means than those that are currently exist in AspectJ.