This paper presents the concept of database configuration and development that takes security issues into account, especially when the database is connected to the Internet. Regardless of the precautions against security vulnerabilities implemented at other levels of the database environment, such as the network, operating system, and client application, it is important to protect the database itself by avoiding well-known database security issues. To prove that the proposed configuration provides a high level of security protection, security testing has to be performed. The overall goal of security testing is to reduce vulnerabilities within a software system, and we propose a testing methodology that includes code review and vulnerability assessment, which represent the most widespread best practices for software security assurance.