Prevention of SQL Injection Attacks having XML Database
Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2013, Vol 14, Issue 6
Abstract
XML-based Web applications are broadly utilized in computer world, whose main applications are remote operation performance and bring arbitrary data. It is recently used in cloud interfaces, E-Government, Service Oriented Architectures etc. Due to abundant acceptance of this technology large attacks are raised like Denial of Service attacks, attacks on XML Encryption, and XML Signature Wrapping attacks. To stop these types of attacks different techniques were proposed however they’re not enough to stop all varieties of attacks. The existing SQLIA prevention techniques can validate the client side data, one by one. It complicates the developer’s task to write different validation codes for each data receiving page in the server. This paper proposed an idea of XML based SQLIA prevention technique which can validate the entire client side data by one single call of the dedicated validation function. In this process, the client will submit data in XML format and the server will verify the entire incoming XML file, based on some pr-decided rules called data-rules.
Authors and Affiliations
Preshika Tiwari
Keywords
Related Articles
- EP ID EP115619
- DOI -
- Views 127
- Downloads 0
Applications for Big Data in of Intelligent Distributed Processing
Abstract: Today, “Big Data” has posed new problem of over-information in many different areas. Such areasinclude health care (e.g., hospitals, bioinformatics), e-sciences (e.g., physics, chemistry, and geology), andsocia...
Using Geographic Information Systems to develop decision support system for supplier selection in batik industry
Abstract: This study has two purpose. First, this study aims to analyse the requirements of batik industry on effective and powerful software to select their supplier effectively. Second, this study aims to design, build...
Development of Security Based Reserved Agreement Blocker for Smartphone
Abstract: Smart phones are very effective tools for increasing the productivity of business users. With their increasing computational power and storage capacity, smartphones allow end users to perform several tasks and...
Efficient Techniques for Unauthorized Attacks with Time-Stamp
Abstract: In many applications it is very useful to identify the unexpected activities on data with respect totime. Cyber security is one of the application area in which we are using intrusion detection system to...
A Survey on Different Levels of Risks during Different Phases in Data Warehouse
Abstract: The term Data Warehouse represents huge collection of historical data which are subject-oriented, non-volatile, integrated, and time-variant and such data is required for the business needs [1]. Data warehouses...