{"updated":"2025-01-21T20:40:19.756430+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00077903","sets":["6164:6165:6462:6551"]},"path":["6551"],"owner":"10","recid":"77903","title":["Webアプリケーションによるクロスサイトスクリプティング検査の提案と実装"],"pubdate":{"attribute_name":"公開日","attribute_value":"2011-10-12"},"_buckets":{"deposit":"5ad524d9-6d00-4988-b9fe-8c2a5f883654"},"_deposit":{"id":"77903","pid":{"type":"depid","value":"77903","revision_id":0},"owners":[10],"status":"published","created_by":10},"item_title":"Webアプリケーションによるクロスサイトスクリプティング検査の提案と実装","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Webアプリケーションによるクロスサイトスクリプティング検査の提案と実装"},{"subitem_title":"Proposal and implementation of Web application for Cross-site Scripting Inspection","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"ウェブ・メールセキュリティ（１）","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2011-10-12","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"慶應義塾大学環境情報学部"},{"subitem_text_value":"慶應義塾大学環境情報学部"},{"subitem_text_value":"慶應義塾大学大学院政策・メディア研究科"},{"subitem_text_value":"慶應義塾大学環境情報学部"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Faculty of Environment and Information Studies, Keio University","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Environment and Information Studies, Keio University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Media and Governance, Keio University","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Environment and Information Studies, Keio University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/77903/files/IPSJCSS2011008.pdf"},"date":[{"dateType":"Available","dateValue":"2012-10-12"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2011008.pdf","filesize":[{"value":"180.5 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"44"},{"tax":["include_tax"],"price":"30000","billingrole":"5"}],"accessrole":"open_date","version_id":"1aca21fb-e2c5-4762-9161-3acacd5177a1","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2011 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"中安, 恒樹"},{"creatorName":"山本, 知典"},{"creatorName":"上原, 雄貴"},{"creatorName":"武田, 圭史"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Koki, Nakayasu","creatorNameLang":"en"},{"creatorName":"Tomonori, Yamamoto","creatorNameLang":"en"},{"creatorName":"Yuki, Uehara","creatorNameLang":"en"},{"creatorName":"Keiji, Takeda","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"Webアプリケーションにおける脆弱性発生の防止には開発プログラムに既知の脆弱性が存在しないかを検査することが有効であるが，コスト等の制約で広く脆弱性検査が行われているとは言えない．本論文では，Webアプリケーションの脆弱性検査をWebアプリケーションで行い，開発者が容易に利用可能な脆弱性検査システムを提案する．今回実装したMusketは，検査対象の入力欄に文字列を自動入力，エスケープ処理の有無を確認することでクロスサイトスクリプティング脆弱性を検査する．Webアプリケーションから検査が可能となる為，セキュアなシステム開発に関し知識を持たない開発者であっても容易に検査を行うことが可能となる．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"To prevent occurrence of vulnerability on Web application, it is important to inspect developing program for pre-known vulnerability. However, as usual, the inspections are not conducted because it takes huge cost. In this article, we propose an usable web application inspecting system for vulnerability, which is made as web application. Musket, which we implemented this time, inputs strings to the parameter of the Web application and checks whether the escape process is working to inspect for Cross-site Scripting vulnerability. Developers will be able to inspect with Web application, this means that the developers doesn't need profound knowledge of Secure-develop for the inspection.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"47","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2011 論文集"}],"bibliographicPageStart":"42","bibliographicIssueDates":{"bibliographicIssueDate":"2011-10-12","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"3","bibliographicVolumeNumber":"2011"}]},"relation_version_is_last":true,"weko_creator_id":"10"},"created":"2025-01-18T23:33:23.491729+00:00","id":77903,"links":{}}