Skip to main content
Article thumbnail
Location of Repository


By G. E. Okereke and C. C. Osuagwu Phd


Web pages today are currently used in contemporary business transaction worldwide for its obvious advantage of wider outreach. Business transactions on an unsecured web site expose the parties involved in the transaction to risks ranging from fraud to loss of integrity as well as fund loss. This paper examines security metrics models available for web application systems and proposes a model for evaluating the security status/posture of web applications for vulnerability analysis. The model extracts vulnerability attributes associated with authentication and authorization features in character size count of login parameters in a password, auto-complete status, hypertext mark-up language (HTML) component tags and control buttons as well as cross-site scripting and structured query language (sql) injection. The result obtained from the vulnerability attributes of the web page is used to rank the security status of the web page

Topics: Security Metrics, Metrics Model, Web Applications, vulnerability analysis, Security Status and Ranking
Year: 2014
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.