Mitigation of SQL injection vulnerability during development of web applications Online publication date: Tue, 10-Sep-2019
by Navdeep Kaur; Parminder Kaur
International Journal of Web Science (IJWS), Vol. 3, No. 2, 2019
Abstract: SQL injection (SQLI) attack is consistently proliferating across the globe. According to Open Web Application Security Project (OWASP) Top Ten Cheat Sheet-2014, SQLI is at top in the list of online attacks. The cause of spread of SQLI is thought to be unsecure software engineering. The software development process itself appears to look at security as an add-on to be checked and deployed towards the end of the software development lifecycle (SDLC) which leads to vulnerabilities in web applications. This paper is an attempt to integrate security during development of web application. The paper introduces a 'grounds-up' approach for developing SQLI free web application. The process of occurrence of SQLI attack is discussed with the help of suitable example. Various security activities desired to mitigate SQLI during software development lifecycle are discussed.
Online publication date: Tue, 10-Sep-2019
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Web Science (IJWS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email email@example.com