Asian Journal of Research in Business Economics and Management
  • Year: 2014
  • Volume: 4
  • Issue: 8

Study of Methods of SQL Injection Defence

  • Author:
  • Ali Malekia, Farhad Momeni Farahanib, Reza Malekic
  • Total Page Count: 6
  • Page Number: 305 to 310

aDepartment of Management, College of Management, Isfahan Science and Research Branch, Islamic Azad University, Isfahan, Iran

bDepartment of Management, College of Management, Arak Branch, Islamic Azad University, Arak, Iran

cDepartment of Computer Science and Information Technology, Institute for Advanced Studies in Basic Sciences(IASBS), Zanjan, Iran

Online published on 6 August, 2014.

Abstract

Due to the development of “Web” technology and expansion of web-based programs, the subject of “database security” has got a new dimension. From the advent of databases on, security and its provision had been important concerns and its appropriate application and efficacy had been fundamental features of the database; however, the concept of security was overshadowed by such subjects as appropriate function, effectiveness, and reliability. Security problems of computer systems can be analyzed from two viewpoints: lack of appropriate security mechanisms and lack of suitable application, if there are such mechanisms, or lack of acceptable security policies. One of the most important security problems of “SQL-based” systems is “SQL Injection attack”. Methods of such attacks and ways of obstructing them will be discussed in this project.

Keywords

SQL, SQL Injection Attacks, Code Level Defence, Platform Level Defence, Filter Bypassing