SQL注入预防方法综述

IF 1.3 Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE
Shahbaaz Mohammed Hayat Chaki, M. Din
{"title":"SQL注入预防方法综述","authors":"Shahbaaz Mohammed Hayat Chaki, M. Din","doi":"10.11113/IJIC.V9N1.224","DOIUrl":null,"url":null,"abstract":"Database plays a very important role in everyone’s life including the organizations since everything today is connected via Internet and to manage so many data. There is a need of database which helps organizations to organize, sort and manage the data and to ensure that the data which a user is receiving and sending through the mean of database is secure since the database stores almost everything such as Banking details which includes user id, Password and so. Thus, it means that the data are really valuable and confidential to us and therefore security really matters for database. SQL Injection Attacks on the database are becoming common in this era where the hackers are trying to steal the valuable data of an individual through the mean of SQL Injection Attack by using malicious query on the application. This application reveals the individual data by an efficient and the best SQL Injection Prevention technique is required in order to protect the individual data from being stolen by the hackers. Therefore, this paper will be focusing on reviewing different types of SQL Injection prevention methods and SQL injection types. The initial finding of this paper can make comparison of different types of SQL Injection Prevention methods which will enable the Database Administrator to choose the best and the efficient SQL Injection Prevention Method for their organization. Consequently, Preventing of SQL Injection Attack from happening which would ultimately result in no data loss of an user.","PeriodicalId":50314,"journal":{"name":"International Journal of Innovative Computing Information and Control","volume":"21 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2019-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A Survey on SQL Injection Prevention Methods\",\"authors\":\"Shahbaaz Mohammed Hayat Chaki, M. Din\",\"doi\":\"10.11113/IJIC.V9N1.224\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Database plays a very important role in everyone’s life including the organizations since everything today is connected via Internet and to manage so many data. There is a need of database which helps organizations to organize, sort and manage the data and to ensure that the data which a user is receiving and sending through the mean of database is secure since the database stores almost everything such as Banking details which includes user id, Password and so. Thus, it means that the data are really valuable and confidential to us and therefore security really matters for database. SQL Injection Attacks on the database are becoming common in this era where the hackers are trying to steal the valuable data of an individual through the mean of SQL Injection Attack by using malicious query on the application. This application reveals the individual data by an efficient and the best SQL Injection Prevention technique is required in order to protect the individual data from being stolen by the hackers. Therefore, this paper will be focusing on reviewing different types of SQL Injection prevention methods and SQL injection types. The initial finding of this paper can make comparison of different types of SQL Injection Prevention methods which will enable the Database Administrator to choose the best and the efficient SQL Injection Prevention Method for their organization. Consequently, Preventing of SQL Injection Attack from happening which would ultimately result in no data loss of an user.\",\"PeriodicalId\":50314,\"journal\":{\"name\":\"International Journal of Innovative Computing Information and Control\",\"volume\":\"21 1\",\"pages\":\"\"},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2019-05-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Innovative Computing Information and Control\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.11113/IJIC.V9N1.224\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Innovative Computing Information and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11113/IJIC.V9N1.224","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
引用次数: 3

摘要

数据库在每个人的生活中扮演着非常重要的角色,包括组织,因为今天的一切都是通过互联网连接的,并且管理着如此多的数据。有一个数据库的需要,它可以帮助组织,排序和管理数据,并确保用户通过数据库接收和发送的数据是安全的,因为数据库存储了几乎所有的东西,如银行详细信息,包括用户id,密码等。因此,这意味着数据对我们来说是非常有价值和机密的,因此数据库的安全性非常重要。在这个时代,针对数据库的SQL注入攻击越来越普遍,黑客试图通过对应用程序进行恶意查询,通过SQL注入攻击的方式窃取个人的有价值数据。这个应用程序揭示了一个有效的个人数据,最好的SQL注入预防技术是为了保护个人数据被黑客窃取。因此,本文将重点回顾不同类型的SQL注入预防方法和SQL注入类型。本文的初步发现可以对不同类型的SQL注入预防方法进行比较,从而使数据库管理员能够为自己的组织选择最优、最有效的SQL注入预防方法。因此,防止SQL注入攻击的发生,最终不会导致用户的数据丢失。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
A Survey on SQL Injection Prevention Methods
Database plays a very important role in everyone’s life including the organizations since everything today is connected via Internet and to manage so many data. There is a need of database which helps organizations to organize, sort and manage the data and to ensure that the data which a user is receiving and sending through the mean of database is secure since the database stores almost everything such as Banking details which includes user id, Password and so. Thus, it means that the data are really valuable and confidential to us and therefore security really matters for database. SQL Injection Attacks on the database are becoming common in this era where the hackers are trying to steal the valuable data of an individual through the mean of SQL Injection Attack by using malicious query on the application. This application reveals the individual data by an efficient and the best SQL Injection Prevention technique is required in order to protect the individual data from being stolen by the hackers. Therefore, this paper will be focusing on reviewing different types of SQL Injection prevention methods and SQL injection types. The initial finding of this paper can make comparison of different types of SQL Injection Prevention methods which will enable the Database Administrator to choose the best and the efficient SQL Injection Prevention Method for their organization. Consequently, Preventing of SQL Injection Attack from happening which would ultimately result in no data loss of an user.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
3.20
自引率
20.00%
发文量
0
审稿时长
4.3 months
期刊介绍: The primary aim of the International Journal of Innovative Computing, Information and Control (IJICIC) is to publish high-quality papers of new developments and trends, novel techniques and approaches, innovative methodologies and technologies on the theory and applications of intelligent systems, information and control. The IJICIC is a peer-reviewed English language journal and is published bimonthly
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信