• Journal of the Korea Society of Computer and Information
• /
• v.14 no.2
• /
• pp.119-128
• /
• 2009

As use of web applications and web-based information systems increases, so web application attacks are increasing. Recently, XSRF(Gross Site Request Forgery) attacks among a variety of web attacks become important because victim's damage caused by such attacks can be severe. But adding security functions for preventing XSRF attacks to existing developed and running software systems could affect move dangerous and expensive to companies and organizations. We suggest effectively adding these security functions to legacy systems, could separate concerns using advantage of the modularity offered by AOP(Aspect-Oriented Programming) methodology. In this paper, we have presented approach for detecting and preventing XSRF in JEE systems using aspect of AOP.