{"created":"2025-01-19T01:00:57.485504+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00196255","sets":["6504:9795:9814"]},"path":["9814"],"owner":"6748","recid":"196255","title":["コードインジェクション攻撃対策のためのCSP構成自動化についての提案"],"pubdate":{"attribute_name":"公開日","attribute_value":"2019-02-28"},"_buckets":{"deposit":"66fd9dcc-4a1e-47df-847a-8b7937e8c0bb"},"_deposit":{"id":"196255","pid":{"type":"depid","value":"196255","revision_id":0},"owners":[6748],"status":"published","created_by":6748},"item_title":"コードインジェクション攻撃対策のためのCSP構成自動化についての提案","author_link":["469500","469499","469502","469501"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"コードインジェクション攻撃対策のためのCSP構成自動化についての提案"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"セキュリティ","subitem_subject_scheme":"Other"}]},"item_type_id":"22","publish_date":"2019-02-28","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_22_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"岩手県大"},{"subitem_text_value":"岩手県大"},{"subitem_text_value":"岩手県大"},{"subitem_text_value":"岩手県大"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/196255/files/IPSJ-Z81-4ZA-08.pdf","label":"IPSJ-Z81-4ZA-08.pdf"},"date":[{"dateType":"Available","dateValue":"2019-05-27"}],"format":"application/pdf","filename":"IPSJ-Z81-4ZA-08.pdf","filesize":[{"value":"460.7 kB"}],"mimetype":"application/pdf","accessrole":"open_date","version_id":"7e40b9f8-87c6-42c8-b3be-1af667a55d25","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2019 by the Information Processing Society of Japan"}]},"item_22_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"梅内, 翼"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"小倉, 加奈代"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Bhed, Bahadur Bista"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"高田, 豊雄"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_22_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00349328","subitem_source_identifier_type":"NCID"}]},"item_22_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"Webはインターネット上での情報交換のための主要なプラットフォームとなっており，今日では多数のWebアプリケーションが公開されている．しかし，WebアプリケーションにはXSS攻撃をはじめとするコードインジェクション系の攻撃の発生が懸念されている．本稿では，このような攻撃の対策として有力であるContent Security Policy(CSP)の構成を，HTMLファイルとJavaScriptファイルの解析を通して自動化する手法について提案する．また，本手法を実装し，模擬的なWebアプリケーションに対して実行することで本手法が有効に動作することを検証する．","subitem_description_type":"Other"}]},"item_22_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"452","bibliographic_titles":[{"bibliographic_title":"第81回全国大会講演論文集"}],"bibliographicPageStart":"451","bibliographicIssueDates":{"bibliographicIssueDate":"2019-02-28","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"1","bibliographicVolumeNumber":"2019"}]},"relation_version_is_last":true,"weko_creator_id":"6748"},"id":196255,"updated":"2025-01-19T22:47:52.277423+00:00","links":{}}