In this paper we present the results from an analysis focusing on security threats that can arise against an SQL server when included in Web application environments. The approach used is based on the STRIDE classification methodology. The results presented provide also some general guidelines and countermeasures against the different attacks that can exploit the identified vulnerabilities.
Threat modelling for SQL servers: Designing a Secure Database in a Web Application / E. Bertino, D. Bruschi, S. Franzoni, I. Nai-fovino, S. Valtolina - In: Communications and Multimedia Security / [a cura di] D. Chadwick, B. Preneel. - [s.l] : Springer, 2004. - ISBN 0387244859. - pp. 159-171 (( Intervento presentato al 8. convegno Annual Conference on Communications and Multimedia Security tenutosi a Windermere nel 2004.
Threat modelling for SQL servers: Designing a Secure Database in a Web Application
D. BruschiSecondo
;S. ValtolinaUltimo
2004
Abstract
In this paper we present the results from an analysis focusing on security threats that can arise against an SQL server when included in Web application environments. The approach used is based on the STRIDE classification methodology. The results presented provide also some general guidelines and countermeasures against the different attacks that can exploit the identified vulnerabilities.
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
