Date Added: May 2011
SQL injection attacks are possible because, web application code is not secured during application development. One of the best ways to secure applications is by limiting access to those authorized to access the application. Database contents are encrypted for security in a way to allow efficient query processing directly on the encrypted database. SQL Injection attacks can be easily prevented by applying more secure authentication schemes in login phase itself. To address this problem, this paper presents an authentication scheme for preventing SQL Injection attack using Hybrid Encryption algorithm. The server has to maintain three parameters of every user: user name, password, and user's secret key. This paper proposed a protocol model for Preventing SQL Injection Attack using HyBrid Encryption algorithm (PSQLIA-HBE).