Tuesday 19 April 2011

Wseas Transactions

New Subscription to Wseas Transactions

The following information was submitted:

Transactions: WSEAS TRANSACTIONS ON COMPUTERS
Transactions ID Number: 53-416
Full Name: Shanmughaneethi Velu
Position: Assistant Professor
Age: ON
Sex: Male
Address: Computer Centre, NITTTR[Min. of HRD, Govt. of India], Taramani, Chennai- 600 113, Tamilnaud, India
Country: INDIA
Tel: 9444289146
Tel prefix:
Fax:
E-mail address: shanneethi@nitttrc.ac.in
Other E-mails: shanneethi@gmail.com
Title of the Paper: SQLID-LWS: Preventing SQL Injection Vulnerabilities through Layered Web Services
Authors as they appear in the Paper: V.Shanmughaneethi, K.Arun Prabhu, D.G. Sudharsan, S.Swamynathan
Email addresses of all the authors: shanneethi@nitttrc.ac.in, kapmsd@gmail.com, dgsudharsan@gmail.com, swamyns@annauniv.edu
Number of paper pages: 17
Abstract: Providing a secure service in web applications is a real challenge in web security. Among the various types of software vulnerabilities, command injection is the most common type of threat in web applications. In command injection, SQL injection type of attacks are extremely prevalent, and ranked as the second most common form of attack on web. SQL injection attacks involve the construction of application's input data that will result in the execution of malicious SQL statements. Most of the SQL injection detection techniques involve the code to be written along with the actual scripting code. These techniques do not detect errors in SQL statements. Hence, this paper (SQLID-LWS) proposes a mechanism to identify invalid SQL statements, to analyze the query for invalid non SQL key words, and to customize the captured errors. This mechanism is different from others by means of separation of the main scripting code and SQL injection code. The SQL validations and injec!
tion detections code are implemented by means of web services.
Keywords: Web security, SQL injection, Web Service, Tautology, Query Engine, XML Schema, Piggybacking.
EXTENSION of the file: .doc
Special (Invited) Session:
Organizer of the Session:
How Did you learn about congress: Web Application Security
IP ADDRESS: 202.54.130.119