توجه: محتویات این صفحه به صورت خودکار پردازش شده و مقاله‌های نویسندگانی با تشابه اسمی، همگی در بخش یکسان نمایش داده می‌شوند.
۱A novel method for Security and data protection
نویسنده(ها): ،
اطلاعات انتشار: دومین همایش ملی پژوهش های کاربردی در علوم کامپیوتر و فناوری اطلاعات، سال
تعداد صفحات: ۱۰
Data is one of the significant assets that should be protected against any unauthorized access. Securing the underlying data is one of the most important issues in any organization especially when the data is accessed via internet. For this purpose, we propose a new method in this paper which is able to secure web applications and their database against the most frequent attack for such applications called SQL Injection (SQLI). The method is combinational and consists of two phases named static and dynamic in order to gain benefit from both of the corresponding techniques. It is based on static analysis and runtime validation where user inputs in SQL queries are removed and some information is gathered in order to make the detection easier and faster at runtime. Our method minimizes the overhead of the dynamic phase by gathering as much information as possible at the static phase. In order to show our expectations in practice we have implemented a tool for Java–based web applications. The experiments show that our proposed method has no false negative or false positive and the least overhead.<\div>
نمایش نتایج ۱ تا ۱ از میان ۱ نتیجه