• DocumentCode
    1790959
  • Title

    A two tier defense against SQL injection

  • Author

    Duhan, Neelam ; Saneja, Bharti

  • Author_Institution
    Dept. of CSE, Kurukshetra Univ., Kurukshetra, India
  • fYear
    2014
  • fDate
    12-13 July 2014
  • Firstpage
    415
  • Lastpage
    420
  • Abstract
    In recent years, with the increase in ubiquity and popularity of web-based applications, information systems are frequently migrated to the web, which will jeopardize the security and privacy of the users. One of the easiest and most hazardous security attacks confronted by these systems is the SQL injection attack (SQLIA). An SQL injection attack is a method that can insert any malevolent query into the original query statement. In this paper, we demonstrate an efficient approach for securing web applications from SQL injection, which incorporates the combination of client-side validation and identity-based cryptography. To affirm the technique, we examine it on some prototype web applications generated by web developer tools, which ensure that our approach is secure and efficient, and hypothesis testing is also done to validate the results.
  • Keywords
    Internet; SQL; client-server systems; cryptography; data privacy; SQL injection attacks; Web based applications; Web developer tools; client side validation; hazardous security attacks; identity based cryptography; information systems; malevolent query; original query statement; two-tier defense; user privacy; user security; Cryptography; Educational institutions; IP networks; Information filters; Libraries; Injection attack; SQL Injection; SQL Query; SQLIAs; Web application;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on
  • Conference_Location
    Ajmer
  • Print_ISBN
    978-1-4799-3139-2
  • Type

    conf

  • DOI
    10.1109/ICSPCT.2014.6884906
  • Filename
    6884906