Publications

Professional

  1. Bojan Jovičić, Dejan Simić: "Common Web Application Attack Types and Security Using ASP.NET", ComSIS (Computer Science and Information Systems), Volume 03, Issue 02 (December 2006). Available online at http://www.comsis.fon.bg.ac.yu/ComSIS/Vol3No2/RegularPapers/paper3.htm

    Abstract.
    Web application security is one of the most daunting tasks today, because of the security shift from lower levels of the ISO OSI model to the application level, and because of the current situation in the IT environment. ASP.NET offers powerful mechanisms to render these attacks futile, but it requires some knowledge of implementing Web application security. This paper focuses on attacks against Web applications, either to gain direct benefit by collecting private information or to disable target sites. It describes the two most common Web application attacks: SQL Injection and Cross Site Scripting, and is based on the author’s perennial experience in Web application security. It explains how to use ASP.NET to provide Web application security. There are some principles of strong Web application security which make up part of the defense mechanisms presented: executing with a least-privileged account, securing sensitive data (connection string) and proper exception handling (where a new approach is presented using ASP.NET mechanisms for centralized exception logging and presentation). These principles help raise the bar that an attacker has to cross and consequently contribute to better security.

  2. Bojan Jovičić, Siniša Vlajić: "Evolution of ERP systems", InfoM, Volume 22 (2007). Abstract available online at http://www.infom.org.yu/brojevi/2007-22.html

    Abstract.
    ERP (Enterprise Resource Planning) systems are information systems oriented toward information support of the biggest part of common business processes. ERP can stand for ERP processes, ERP systems, or ERP software. This paper reviews the history of ERP systems, starting from MRP, over Closed-Loop MRP, then MRP II, and to ERP and ERP II systems. Supported processes are reviewed as they have been incorporated into ERP through time. Common areas of ERP and ES (Enterprise Software) are identified, with a list of common ERP/ES software solutions, and software solutions of this category that are used in our and neighboring country are listed.

  

Personal

  1. Bojan Jovičić, "Magic: The Gathering" (In Serbian), Computer World (Svet Kompjutera), April, 2003. Available online at: http://www.sk.co.yu/2003/04/siak01.html