Abstract [eng] |
The purpose of this work is to create and analyze Web application firewall. Nowadays via the Internet it is very easy to access applications and databases. Standard firewalls are designed to restrict access to certain ports, or services. Standard network firewalls are unable to protect against Web application attacks. A Web application attack is the new type of threat. Web application firewall has to provide inbound and outbound access control of Web application. Before creating Web application firewall model it was important to analyze existing threats, protection methods and working solutions. The majority of protection methods and solutions are based on Open Web Application Security Project (OWASP). OWASP Top Ten Most Critical Web Application Vulnerabilities – a high-level document to help focus on the most critical issues. Project offers many solutions how to avoid potential threats. In this work was designed and tested Web embedded application firewall. The aim of creating Web application firewall model is to improve accuracy, performance and management of existing Web applications firewalls. Created Web application firewall model consist of modules, it helps to deploy each module separately. |