Title :
A two tier defense against SQL injection
Author :
Duhan, Neelam ; Saneja, Bharti
Author_Institution :
Dept. of CSE, Kurukshetra Univ., Kurukshetra, India
Abstract :
In recent years, with the increase in ubiquity and popularity of web-based applications, information systems are frequently migrated to the web, which will jeopardize the security and privacy of the users. One of the easiest and most hazardous security attacks confronted by these systems is the SQL injection attack (SQLIA). An SQL injection attack is a method that can insert any malevolent query into the original query statement. In this paper, we demonstrate an efficient approach for securing web applications from SQL injection, which incorporates the combination of client-side validation and identity-based cryptography. To affirm the technique, we examine it on some prototype web applications generated by web developer tools, which ensures that our approach is secure and efficient; hypothesis testing is also done to validate the results.
Keywords :
Internet; SQL; client-server systems; cryptography; data privacy; SQL injection attacks; Web based applications; Web developer tools; client side validation; hazardous security attacks; identity based cryptography; information systems; malevolent query; original query statement; two-tier defense; user privacy; user security; Cryptography; Educational institutions; IP networks; Information filters; Libraries; Injection attack; SQL Injection; SQL Query; SQLIAs; Web application;
Conference_Title :
Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on
Conference_Location :
Ajmer
Print_ISBN :
978-1-4799-3139-2
DOI :
10.1109/ICSPCT.2014.6884906