Data Management

Threat Modelling for SQL Servers: Designing a Secure Database in a Web Application

Date Added: Jan 2010
Format: PDF

This paper presents the results from an analysis focusing on security threats that can arise against an SQL server when included in Web application environments. The approach used is based on the STRIDE classification methodology. The results presented provide also some general guidelines and countermeasures against the different attacks that can exploit the identified vulnerabilities. In the last few years the use of the Internet has experienced an exponential growth and the World Wide Web has become the main instrument for information sharing.