Security and Privacy on the Web [Guest editors' introduction]

Abstract

Software enables every aspect of the Web. Everything from device communication to online social networks is achievable only because of multiple lines of code. For various reasons, designing and building security and privacy into Web software is often an afterthought for most developers. This results in easily compromised systems that pose significant privacy and security risks to users. The Web extra at https://youtu.be/juxM-mJERxc is an audio recording of Davide Falessi speaking with Guest Editors Tyrone Grandison, CEO of Proficiency Labs, and Larry Koved, Principal Research Staff Member at IBM Research, about why, at a bare minimum, Web software developers must ensure that their code is sufficiently hardened to protect against URL interpretation attacks, input validation attacks, SQL injection attacks, impersonation attacks, basic inference attacks, buffer overflow attacks, and inadvertent data disclosure attacks.