Sitio web seguro frente a ciberataques
Loading...
Official URL
Full text at PDC
Publication date
2023
Advisors (or tutors)
Editors
Journal Title
Journal ISSN
Volume Title
Publisher
Citations
Exportar
Citation
Abstract
La continua integración de las nuevas tecnologías y su implementación como herramienta clave en las áreas más críticas de la sociedad, hace que la ciberseguridad sea una de las ramas más destacadas de la informática. Gracias a ella, se garantiza la disponibilidad de servicios críticos como sanitarios, bancarios, alimentarios, los cuales son esenciales para el funcionamiento adecuado de la sociedad y para mantener la cadena de suministro actual.
La temática de este trabajo de fin de grado se basa en la creación de una página web segura, capaz de resistir a ciberataques. La web pertenece a un hospital, donde, tanto los pacientes como los médicos pueden realizar diversas gestiones facilitando el acceso a servicios básicos para los pacientes y ayudando a la gestión y organización de los mismos para los médicos con el fin de brindar el mejor servicio posible.
Para comprobar y blindar la página web se han llevado a cabo diversos tipos de ciberataques, partiendo de los más básicos y fáciles de explotar como pueden ser SQL Injection, hasta técnicas más complejas que requieren un mayor conocimiento como puede ser la enumeración de usuarios o subida de archivos al servidor.
The continuous integration of new technologies and their implementation as a key tool in the most critical areas of society, makes cybersecurity one of the most important branches of IT. Thanks to it, the availability of critical services such as health, banking, food, which are essential for the proper functioning of society and to maintain the current supply chain, is guaranteed. The theme of this thesis is based on the creation of a secure website, able to withstand cyber-attacks. The website belongs to a hospital, where both patients and doctors can perform various procedures, facilitating access to basic services for patients and helping to manage and organize them for doctors to provide the best possible service. In order to test and shield the website, several types of cyber-attacks have been carried out, starting from the most basic and easy to exploit, such as SQL Injection, to more complex techniques that require more knowledge, such as user enumeration or file upload.
The continuous integration of new technologies and their implementation as a key tool in the most critical areas of society, makes cybersecurity one of the most important branches of IT. Thanks to it, the availability of critical services such as health, banking, food, which are essential for the proper functioning of society and to maintain the current supply chain, is guaranteed. The theme of this thesis is based on the creation of a secure website, able to withstand cyber-attacks. The website belongs to a hospital, where both patients and doctors can perform various procedures, facilitating access to basic services for patients and helping to manage and organize them for doctors to provide the best possible service. In order to test and shield the website, several types of cyber-attacks have been carried out, starting from the most basic and easy to exploit, such as SQL Injection, to more complex techniques that require more knowledge, such as user enumeration or file upload.
Description
Trabajo de Fin de Grado en Ingeniería Informática, Facultad de Informática UCM, Departamento de Ingeniería de Software e Inteligencia Artificial , Curso 2022/2023.