Title :
Shielding against SQL Injection Attacks Using ADMIRE Model
Author :
Madan, S. ; Madan, S.
Author_Institution :
Dept. of Comput. Sci., Univ. of Delhi, Delhi, India
Abstract :
In recent years, web applications have become tremendously popular. However, vulnerabilities are pervasive resulting in exposure of organizations and firms to a wide array of risks. In spite of many tools and techniques, attacks on web application especially through SQL Injection Attacks are at a rise. Threat modeling is an important risk assessment and mitigation practice that provides the capability to secure a web application. A comprehensively designed threat model can provide a better understanding of the risks and help determine the extent of mitigation action. This paper aims to initiate the threat risk model ADMIRE which is a comprehensive, structured and stepwise approach, which would help to identify and mitigate SQL Injections attacks and shield the database lying in the database servers, which may be unauthorizedly accessed for malafide reasons from the web applications.
Keywords :
SQL; risk management; security of data; ADMIRE model; SQL injection attacks; malafide reasons; risk assessment; risk mitigation; shielding; threat modeling; threat risk model; Application software; Computational intelligence; Computer errors; Computer science; Computer security; Data security; Databases; Permission; Protection; Web server; SQL Injection; Security; Threat modeling; Vulnerability; Web Application;
Conference_Titel :
Computational Intelligence, Communication Systems and Networks, 2009. CICSYN '09. First International Conference on
Conference_Location :
Indore
Print_ISBN :
978-0-7695-3743-6
DOI :
10.1109/CICSYN.2009.58
