Preventing SQL injections in online applications: Study, recommendations and Java solution prototype based on the SQL DOM
Abstract
SQL Injection Attacks are a relatively recent threat to the confidentiality, integrity and availability of online applications and their technical infrastructure, accounting for nearly a fourth of web vulnerabilities. In this paper, based on a master's thesis and numerous references therein, we present our study on the prevention of SQL Injections: an overview of proposed approaches and existing solutions, and recommendations on preventive coding techniques for Java-powered web applications and other environments. Then, we review McClure’s SQL DOM approach for the prevention of SQL Injections in object-oriented applications. We also present our solution for Java-based online applications, SQLDOM4J, which is freely based on the SQL DOM but attempts to address some of our criticisms toward it, and evaluate its performance.
Item Type
http://purl.org/coar/resource_type/c_1843
Language
en
