TY  - JOUR
T1  - Secure Web Application Development Prototype Using Enterprise Security
Application Programming Interface (ESAPI)
AU - Rasheed, Abdul Barakath Mohamed AU - Shanmugam, Bharanidharan AU - Samy, Ganthan Narayana AU - Maarop, Nurazean AU - Magalingam, Pritheega AU - Yeo, Khar Cheng AU - Azam, Sami 
JO  - Asian Journal of Information Technology
VL  - 16
IS  - 1
SP  - 7
EP  - 13
PY  - 2017
DA  - 2001/08/19
SN  - 1682-3915
DO  - ajit.2017.7.13
UR  - https://makhillpublications.co/view-article.php?doi=ajit.2017.7.13
KW  - Web application security risks
KW  -Rapid Application Development (RAD)
KW  -Application Programming Interface (API)
KW  -Enterprise Security Application Programming Interface (ESAPI)
KW  -Open Web Application Security Project (OWASP)
AB  - The web application has been playing a key role in the development of modern society. Unlike
traditional applications, modern web applications are generally more exposed to untrusted users, data and
transmission medium. According to a cenzic 2014 report 96% of all applications tested in 2013 have one or more
serious security vulnerability. The root causes behind these vulnerabilities are lack of application security
awareness, design flaws and secure coding. Furthermore, developers frequently see functionality as more
important than security. Therefore, this study proposed a simple implementation of the single security
Application Programming Interface (API) that could minimize web application security flaws and prevent from
critical malicious attacks. A prototype application is developed with open web Application Security Project
(OWASP) enterprise security application API based on Rapid Application Development (RAD) methodology.
Thus, this study been carried out with an aim to fill the gap between web application development and
application security domain.
ER  -