Development of in-house applications security analyzer (iasa)

No Thumbnail Available
Journal Title
Journal ISSN
Volume Title
University of Dar es Salaam
In-house developed applications security has become a major concern in recent years. Hackers are using new techniques to gain access to sensitive data, disable applications and administer other malicious activities aimed at the applications. The need to secure applications is imperative for use in today's world. Until recently, applications security was an afterthought; developers were typically focused on functionality and features, waiting to implement security at the end of development. This approach to applications security has proven to be disastrous; much vulnerability has gone undetected allowing applications to be attacked and damaged. From Chapter two, it is clear that, developers are not effective in ensuring security is implemented in in-house developed applications, while at the same time most IT professionals (84.5%) employed in organizations have less than 5 years of IT experience, which is not enough to ensure that the applications developed and installed in their systems are secure. The study was about analyzing in-house developed applications to determine possible flaws in those applications and design and implement an analyzer which will be used to scan the application codes, discover the possible flaws and provide recommendations on how to mitigate them. A tool named Meg Application Analyzer has been developed specifically for this task. Meg Application Analyzer uses static analysis to inspect Java byte code for occurrences of bug patterns. Static analysis means that Meg Application Analyzer can find bugs by simply inspecting a program's code; executing the program is not necessary, which makes it very easy to use.
Available in print copy
tanzania, security
Mushi, M.J.(2008) Development of in-house applications security analyzer (iasa), Master dissertation, University of Dar es Salaam. Dar es Salaam.