Sreenivasa Rao Basavala

Work place: Dept. of Computer Science & Engineering, CMJ University, Shillong, India

E-mail: basavala@gmail.com

Website:

Research Interests: Computer Networks, Application Security, Information Security, Network Security, Information-Theoretic Security

Biography

Mr. Sreenivasa Rao Basavala, M.Sc., M.Phil. M.Tech. SCJP, SCWCD, IBM-ACSE is a Sr.Application Security Engineer in Department of Yodlee Security Office. He has over 11 years of experience in IT industry and Academic. His areas of interests are Web Application Security, Software Engineering, Computer Networks, Cryptography, Mobile Application Security, Information Security, Database Security, DBMS and RDBMS. His area of research interest is Web Application Security, Mobile Application Security, Security code reviews and penetration (security) testing in various domains. Currently he is researching in Web Application Security under guidance of Dr.Narendra Kumar from CMJ University, Shillong, India. 

Author Articles
Finding Vulnerabilities in Rich Internet Applications (Flex/AS3) Using Static Techniques

By Sreenivasa Rao Basavala Narendra Kumar Alok Agarrwal

DOI: https://doi.org/10.5815/ijmecs.2012.01.05, Pub. Date: 8 Jan. 2012

The number and the importance of Rich Internet Applications (RIA) have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such rich internet applications (RIA) have increasing as well. Since manual code reviews are time consuming, error prone and costly and it need skilled developers or programmers to review the manual source code review, the need for automated solutions has become evident. In this paper, we address the problem of application security vulnerable detection in Adobe Flex (Rich Internet Applications) platform in web 2.0 applications by means of static source code analysis. To this end, we present precise analysis targeted at the unique reference semantics commonly found in RIA based web applications or widgets (small applications which will run on fly i.e. drag and drop) developed in Adobe Flex Framework or Action Script 3.0. Moreover, we enhance the quality and quantity of the generated vulnerability reports. 

[...] Read more.
Other Articles