In this paper we present the results from an analysis focusing on security threats that can arise against an SQL server when included in Web application environments. The approach used is based on the STRIDE classification methodology. The results presented provide also some general guidelines and countermeasures against the different attacks that can exploit the identified vulnerabilities.
Threat modelling for SQL servers: Designing a Secure Database in a Web Application / E. Bertino, D. Bruschi, S. Franzoni, I. Nai-fovino, S. Valtolina - In: Communications and Multimedia Security / [a cura di] D. Chadwick, B. Preneel. - [s.l] : Springer, 2004. - ISBN 0387244859. - pp. 159-171 (( Intervento presentato al 8. convegno Annual Conference on Communications and Multimedia Security tenutosi a Windermere nel 2004.
Titolo: | Threat modelling for SQL servers: Designing a Secure Database in a Web Application |
Autori: | BRUSCHI, DANILO MAURO (Secondo) VALTOLINA, STEFANO (Ultimo) |
Parole Chiave: | database systems; web services; security; threat model |
Settore Scientifico Disciplinare: | Settore INF/01 - Informatica |
Data di pubblicazione: | 2004 |
Tipologia: | Book Part (author) |
Appare nelle tipologie: | 03 - Contributo in volume |