A Novel Injection Aware Approach for the Testing of Database Applications

Author

Anchlia, Ankit ; Jain, Sheela

Author_Institution

Dept. of Comput. Sci. & Eng., Shri Vaishnav Inst. of Technol. & Sci., Indore, India

fYear

2010

fDate

12-13 March 2010

Firstpage

311

Lastpage

313

Abstract

Databases have become an integral part of the web applications in the current world. Database based applications have brought a revolution in the domain of information technology. These applications interact with the databases using Structured Query Language (SQL) queries embedded in the code. There are automated ways to test the applications written in imperative and structured languages. However, the methodologies to test the applications with embedded SQL queries are still in the nascent phase. The SQL injection attacks have become one of the most serious security threats. Testing of these applications poses grave challenges to the engineers. In this paper, a novel approach has been proposed to test the applications in a comprehensive way. The approach is a holistic one; it tests the system under real conditions without any artifacts, to avoid potential injection attacks.

Keywords

Internet; SQL; program testing; security of data; SQL injection attacks; Structured Query Language query; Web application; database application testing; imperative languages; information technology; injection aware approach; security threats; structured languages; Application software; Automatic testing; Computer science; Data engineering; Database languages; Information technology; Libraries; Security; System testing; Telecommunication computing; Database security testing; SQL injections; automatic testing; test coverage;

fLanguage

English

Publisher

ieee

Conference_Titel

Recent Trends in Information, Telecommunication and Computing (ITC), 2010 International Conference on

Conference_Location

Kochi, Kerala

Print_ISBN

978-1-4244-5956-8

Type

conf

DOI

10.1109/ITC.2010.69

Filename

5460566