Abstract—Web applications have become steadily increased in daily routines activities and continue to integrate them. On-line reservations, paying bills and on-line shopping expect these web applications to be secure and reliable; the fear of SQL–Injection Attacks has become increasingly frequent and serious. SQL Injection Attacks (SQLIAs) are one of the topmost threats for web application security. Using SQL Injection attackers can leak confidential information; such as credit card numbers from web applications and even corrupt the database. This paper presents a new technique to protect Web applications against SQL injection Attacks. SQL Injection Attacks are a class of attacks that many of these systems are highly vulnerable to, and there is no known foolproof defense against such attacks. The new innovative technique ―Service -Oriented Authentication‖ is to prevent SQL–Injection Attacks in database the deployment of this technique is by appending first level Service has the functionality of Tame-card detection and Prevention. The Second level Service has the functionality of Authentication Checker also dataset (the temporary storage of database) of application scripts additionally allowing seamless integration with currently-deployed systems.
Index Terms—Database security, world-wide application security, SQL–injection attacks, runtime monitoring.
Indrani Balasundaram and E. Ramaraj are with the Madurai Kamaraj University, Madurai, India (e-mail: indrani.phd@ gmail.com, eramaraj@rediffmail.com)
[PDF]
Cite:Indrani Balasundram and E. Ramaraj, "Prevention of SQL Injection Attacks by Using Service Oriented Authentication Technique," International Journal of Modeling and Optimization vol. 3, no. 3, pp. 302-306, 2013.