Data Management

SQLIPA: An Authentication Mechanism Against SQL Injection

Download Now Free registration required

Executive Summary

Web application has been developed with very rapid progress. Web applications use database at backend for storing data and SQL for insertion and retrieval of data. There are some malicious attacks which can deceive this SQL. These attacks are called SQL injection. To stop SQL injection many techniques have been proposed but they require large code modification and/or large extra time overhead. The work of this paper proposes a technique using hash values of user name and password, to improve the authentication process. The paper had built a prototype, SQL Injection Protector for Authentication (SQLIPA), for the evaluation of idea.

  • Format: PDF
  • Size: 56.6 KB