Web应用程序的基本安全做法毕业论文外文文献翻译及原文.doc

毕 业 设 计（论文） 外 文 文 献 翻 译 文献、资料中文题目：Web 应用程序的基本安全做法 文献、资料英文题目：Basic Security Practices for Web Applications 文献、资料来源： 文献、资料发表（出版）日期： 院 （部）： 专 业： 班 级： 姓 名： 学 号： 指导教师： 翻译日期： 2017.02.14 外文文献翻译 Ⅰ 英文原文 Basic Security Practices for Web Applications Even if you have limited experience with and knowledge of application security, there are basic measures that you should take to help protect your Web applications. The following sections in this topic provide minimum-security guidelines that apply to all Web applications.General Web Application Security Recommendations;Run Applications with Minimum Privileges ;Know Your Users; Guard Against Malicious User Input;Access Databases Securely;Create Safe Error Messages;Keep Sensitive Information Safely;Use Cookies Securely;Guard Against Denial-of-Service Threats. 1. General Web Application Security Recommendations Even the most elaborate application security can fail if a malicious user can use simple ways to gain access to your computers. General Web application security recommendations include the following: Back up data often and keep your backups physically secure.Keep your Web server physically secure so that unauthorized users cannot gain access to it, turn it off, physically steal it, and so on.Use the Windows NTFS file system, not FAT32. NTFS offers substantially more security than FAT32. Protect the Web server and all of the computers on the same network with strong passwords.Follow best practices for securing Internet Information Services (IIS). Close any unused ports and turn off unused services.Run a virus checker that monitors site traffic.Use a firewall.Learn about and install the latest security updates from Microsoft and other vendors.Use Windows event logging and examine the logs frequently for suspicious activity. This includes repeated attempts to log on to your system and excessive requests against your Web server. 2. Run Applications with Minimum Privileges When your applicati