- We will send in 10–14 business days.
/images/books/13372332/9783836464963.jpg)
- Author: Stephen Thomas
- Publisher: VDM Verlag Dr. Mueller E.K.
- Year: 2008
- Pages: 80
- ISBN-10: 3836464969
- ISBN-13: 9783836464963
- Format: 17 x 24.4 x 0.4 cm, minkšti viršeliai
- Language: English
- SAVE -10% with code: EXTRA
Using Automated Fix Generation to Mitigate SQL Injection Vulnerabilities (e-book) (used book) | bookbook.eu
Reviews
Description
Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities (SQLIVs). Since most developers are not experienced software security practitioners, a solution for correctly removing SQLIVs that does not require security expertise is desirable. In this paper, an automated fix generation algorithm for removing SQLIVs by replacing SQL statements with prepared SQL statements is described. Automated fix generation is a type of automated code generation that analyzes project artifacts containing faults and uses the analysis to generate fault free alternative or replacement code. Prepared SQL statements have a static structure and take type-specific input parameters, which prevents SQL injection attack input from changing the structure and logic of a statement. The automated fix algorithm is evolved over the course of preparing for and analyzing the results of four formative and evaluative case studies.
EXTRA 10 % discount with code: EXTRA
The promotion ends in 22d.21:17:57
The discount code is valid when purchasing from 10 €. Discounts do not stack.
- Author: Stephen Thomas
- Publisher: VDM Verlag Dr. Mueller E.K.
- Year: 2008
- Pages: 80
- ISBN-10: 3836464969
- ISBN-13: 9783836464963
- Format: 17 x 24.4 x 0.4 cm, minkšti viršeliai
- Language: English English
Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities (SQLIVs). Since most developers are not experienced software security practitioners, a solution for correctly removing SQLIVs that does not require security expertise is desirable. In this paper, an automated fix generation algorithm for removing SQLIVs by replacing SQL statements with prepared SQL statements is described. Automated fix generation is a type of automated code generation that analyzes project artifacts containing faults and uses the analysis to generate fault free alternative or replacement code. Prepared SQL statements have a static structure and take type-specific input parameters, which prevents SQL injection attack input from changing the structure and logic of a statement. The automated fix algorithm is evolved over the course of preparing for and analyzing the results of four formative and evaluative case studies.
Reviews