Research Article
SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications
1141 downloads
@INPROCEEDINGS{10.1007/978-3-642-23602-0_25, author={Beihua Wu}, title={SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications}, proceedings={2nd International ICST Workshop on e-Forensics Law and Judicial}, proceedings_a={E-FORENSICSLAW}, year={2012}, month={10}, keywords={SQL Injection Web sites Security Cybercrime}, doi={10.1007/978-3-642-23602-0_25} }
- Beihua Wu
Year: 2012
SQL Injection Defense Mechanisms for IIS+ASP+MSSQL Web Applications
E-FORENSICSLAW
Springer
DOI: 10.1007/978-3-642-23602-0_25
Abstract
With the sharp increase of hacking attacks over the last couple of years, web application security has become a key concern. SQL injection is one of the most common types of web hacking and has been widely written and used in the wild. This paper analyzes the principle of SQL injection attacks on Web sites, presents methods available to prevent IIS+ASP+MSSQL web applications from these kinds of attacks, including secure coding within the web application, proper database configuration, deployment of IIS and other security techniques. The result is verified by WVS report.
Copyright © 2010–2024 ICST