{"id":"https://openalex.org/W2063321466","doi":"https://doi.org/10.5539/cis.v2n4p137","title":"Developing a Secure Web Application Using OWASP Guidelines","display_name":"Developing a Secure Web Application Using OWASP Guidelines","publication_year":2009,"publication_date":"2009-10-19","ids":{"openalex":"https://openalex.org/W2063321466","doi":"https://doi.org/10.5539/cis.v2n4p137","mag":"2063321466"},"language":"en","primary_location":{"id":"doi:10.5539/cis.v2n4p137","is_oa":true,"landing_page_url":"https://doi.org/10.5539/cis.v2n4p137","pdf_url":"https://ccsenet.org/journal/index.php/cis/article/download/4279/3726","source":{"id":"https://openalex.org/S2764452479","display_name":"Computer and Information Science","issn_l":"1913-8989","issn":["1913-8989","1913-8997"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310322531","host_organization_name":"Canadian Center of Science and Education","host_organization_lineage":["https://openalex.org/P4310322531"],"host_organization_lineage_names":["Canadian Center of Science and Education"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computer and Information Science","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://ccsenet.org/journal/index.php/cis/article/download/4279/3726","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5025521957","display_name":"Khairul Anwar Sedek","orcid":"https://orcid.org/0000-0003-1323-2129"},"institutions":[{"id":"https://openalex.org/I82724352","display_name":"Universiti Teknologi MARA","ror":"https://ror.org/05n8tts92","country_code":"MY","type":"education","lineage":["https://openalex.org/I82724352"]}],"countries":["MY"],"is_corresponding":true,"raw_author_name":"Khairul Anwar Sedek","raw_affiliation_strings":["Faculty of Computer Science and Mathematics, Universiti Teknologi MARA (UiTM) Kampus Arau, 02600 Arau, Perlis, Malaysia"],"affiliations":[{"raw_affiliation_string":"Faculty of Computer Science and Mathematics, Universiti Teknologi MARA (UiTM) Kampus Arau, 02600 Arau, Perlis, Malaysia","institution_ids":["https://openalex.org/I82724352"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086065827","display_name":"Norlis Osman","orcid":null},"institutions":[{"id":"https://openalex.org/I82724352","display_name":"Universiti Teknologi MARA","ror":"https://ror.org/05n8tts92","country_code":"MY","type":"education","lineage":["https://openalex.org/I82724352"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Norlis Osman","raw_affiliation_strings":["Faculty of Computer Science and Mathematics, Universiti Teknologi MARA (UiTM) Kampus Arau, 02600 Arau, Perlis, Malaysia"],"affiliations":[{"raw_affiliation_string":"Faculty of Computer Science and Mathematics, Universiti Teknologi MARA (UiTM) Kampus Arau, 02600 Arau, Perlis, Malaysia","institution_ids":["https://openalex.org/I82724352"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040631899","display_name":"Mohd Nizam Osman","orcid":"https://orcid.org/0000-0002-8104-4704"},"institutions":[{"id":"https://openalex.org/I82724352","display_name":"Universiti Teknologi MARA","ror":"https://ror.org/05n8tts92","country_code":"MY","type":"education","lineage":["https://openalex.org/I82724352"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Mohd Nizam Osman","raw_affiliation_strings":["Faculty of Computer Science and Mathematics, Universiti Teknologi MARA (UiTM) Kampus Arau, 02600 Arau, Perlis, Malaysia"],"affiliations":[{"raw_affiliation_string":"Faculty of Computer Science and Mathematics, Universiti Teknologi MARA (UiTM) Kampus Arau, 02600 Arau, Perlis, Malaysia","institution_ids":["https://openalex.org/I82724352"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5066092457","display_name":"Hj. Kamaruzaman Jusoff","orcid":null},"institutions":[{"id":"https://openalex.org/I82724352","display_name":"Universiti Teknologi MARA","ror":"https://ror.org/05n8tts92","country_code":"MY","type":"education","lineage":["https://openalex.org/I82724352"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Hj. Kamaruzaman Jusoff","raw_affiliation_strings":["Faculty of Computer Science and Mathematics, Universiti Teknologi MARA (UiTM) Kampus Arau, 02600 Arau, Perlis, Malaysia"],"affiliations":[{"raw_affiliation_string":"Faculty of Computer Science and Mathematics, Universiti Teknologi MARA (UiTM) Kampus Arau, 02600 Arau, Perlis, Malaysia","institution_ids":["https://openalex.org/I82724352"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5025521957"],"corresponding_institution_ids":["https://openalex.org/I82724352"],"apc_list":null,"apc_paid":null,"fwci":1.5526,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.88689498,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":"2","issue":"4","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.9937999844551086,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9721999764442444,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7888211011886597},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.6504768133163452},{"id":"https://openalex.org/keywords/guideline","display_name":"Guideline","score":0.6188881397247314},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5782032608985901},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4823862612247467},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.47787347435951233},{"id":"https://openalex.org/keywords/trustworthiness","display_name":"Trustworthiness","score":0.4260699450969696},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.37023407220840454},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.35610851645469666},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.35475587844848633},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.3082844018936157},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2749175429344177},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.23811548948287964},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.12021288275718689}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7888211011886597},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.6504768133163452},{"id":"https://openalex.org/C2780182762","wikidata":"https://www.wikidata.org/wiki/Q1630279","display_name":"Guideline","level":2,"score":0.6188881397247314},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5782032608985901},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4823862612247467},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.47787347435951233},{"id":"https://openalex.org/C153701036","wikidata":"https://www.wikidata.org/wiki/Q659974","display_name":"Trustworthiness","level":2,"score":0.4260699450969696},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.37023407220840454},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.35610851645469666},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.35475587844848633},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.3082844018936157},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2749175429344177},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.23811548948287964},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.12021288275718689},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.5539/cis.v2n4p137","is_oa":true,"landing_page_url":"https://doi.org/10.5539/cis.v2n4p137","pdf_url":"https://ccsenet.org/journal/index.php/cis/article/download/4279/3726","source":{"id":"https://openalex.org/S2764452479","display_name":"Computer and Information Science","issn_l":"1913-8989","issn":["1913-8989","1913-8997"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310322531","host_organization_name":"Canadian Center of Science and Education","host_organization_lineage":["https://openalex.org/P4310322531"],"host_organization_lineage_names":["Canadian Center of Science and Education"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computer and Information Science","raw_type":"journal-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.669.4039","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.669.4039","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://ccsenet.org/journal/index.php/cis/article/viewFile/4279/3726/","raw_type":"text"},{"id":"pmh:oai:psasir.upm.edu.my:13979","is_oa":true,"landing_page_url":"http://www.ccsenet.org/journal/index.php/cis/issue/view/190","pdf_url":null,"source":{"id":"https://openalex.org/S4377196260","display_name":"Universiti Putra Malaysia Institutional Repository (Universiti Putra Malaysia)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I130343225","host_organization_name":"Universiti Putra Malaysia","host_organization_lineage":["https://openalex.org/I130343225"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article"}],"best_oa_location":{"id":"doi:10.5539/cis.v2n4p137","is_oa":true,"landing_page_url":"https://doi.org/10.5539/cis.v2n4p137","pdf_url":"https://ccsenet.org/journal/index.php/cis/article/download/4279/3726","source":{"id":"https://openalex.org/S2764452479","display_name":"Computer and Information Science","issn_l":"1913-8989","issn":["1913-8989","1913-8997"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310322531","host_organization_name":"Canadian Center of Science and Education","host_organization_lineage":["https://openalex.org/P4310322531"],"host_organization_lineage_names":["Canadian Center of Science and Education"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computer and Information Science","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.47999998927116394,"id":"https://metadata.un.org/sdg/9"},{"display_name":"Partnerships for the goals","score":0.4399999976158142,"id":"https://metadata.un.org/sdg/17"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2063321466.pdf","grobid_xml":"https://content.openalex.org/works/W2063321466.grobid-xml"},"referenced_works_count":6,"referenced_works":["https://openalex.org/W195594203","https://openalex.org/W1508855726","https://openalex.org/W1527762547","https://openalex.org/W1826972226","https://openalex.org/W2003505783","https://openalex.org/W2117618105"],"related_works":["https://openalex.org/W2139596909","https://openalex.org/W3139770152","https://openalex.org/W2913452075","https://openalex.org/W2064213895","https://openalex.org/W178471791","https://openalex.org/W2070218579","https://openalex.org/W2156201195","https://openalex.org/W4313139008","https://openalex.org/W4312473963","https://openalex.org/W3166827888"],"abstract_inverted_index":{"Developing":[0],"a":[1,12,19,28,101,135,170],"secure":[2,20,37,53],"Web":[3,21,38,54],"application":[4],"is":[5,45,59,109,146],"very":[6],"difficult":[7],"task.":[8],"Therefore":[9],"developers":[10],"need":[11],"guideline":[13,47,131,145],"to":[14,17,32,51,68,111],"help":[15],"them":[16],"develop":[18],"application.":[22,39,55,78,122,138],"Guideline":[23],"can":[24,156],"be":[25,157],"used":[26,110,158],"as":[27,97,159],"checklist":[29],"for":[30,76,169],"developer":[31,50,164],"achieve":[33],"minimum":[34],"standard":[35,102],"of":[36,72,116,118,152],"This":[40],"study":[41],"evaluates":[42],"how":[43],"good":[44],"OWASP":[46,144],"in":[48,133,148,166],"helping":[49],"build":[52],"The":[56,107],"developed":[57,120],"system":[58,74,154],"then":[60],"tested":[61],"using":[62],"code":[63],"auditing":[64],"and":[65,155],"penetration":[66],"testing":[67,82],"identify":[69],"the":[70,73,77,81,92,114,119,130,140,150,153],"achievement":[71],"security":[75,117],"After":[79],"applying":[80],"techniques":[83],"from":[84],"Open":[85],"Source":[86],"Security":[87],"Testing":[88],"Methodology":[89],"(OSSTMM)":[90],"on":[91,113],"Top":[93],"Ten":[94],"Critical":[95],"vulnerabilities":[96],"defined":[98],"by":[99,161],"OWASP,":[100],"measure":[103],"score":[104,108,126],"are":[105],"calculated.":[106],"decide":[112],"level":[115],"web":[121,137,163],"A":[123],"high":[124],"percentage":[125],"would":[127],"indicate":[128],"that":[129,143],"helps":[132],"building":[134],"secured":[136],"Hence,":[139],"result":[141],"proved":[142],"effective":[147],"ensuring":[149],"trustworthiness":[151],"referral":[160],"other":[162],"especially":[165],"developing":[167],"applications":[168],"university.":[171]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":3},{"year":2019,"cited_by_count":2},{"year":2014,"cited_by_count":1}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}