In this paper we present the results from an analysis focusing on security threats that can arise against an SQL server when included in Web application environments. The approach used is based on the STRIDE classification methodology. The results presented provide also some general guidelines and countermeasures against the different attacks that can exploit the identified vulnerabilities.

Threat modelling for SQL servers: Designing a Secure Database in a Web Application / E. Bertino, D. Bruschi, S. Franzoni, I. Nai-fovino, S. Valtolina - In: Communications and Multimedia Security / [a cura di] D. Chadwick, B. Preneel. - [s.l] : Springer, 2004. - ISBN 0387244859. - pp. 159-171 (( Intervento presentato al 8. convegno Annual Conference on Communications and Multimedia Security tenutosi a Windermere nel 2004.

Threat modelling for SQL servers: Designing a Secure Database in a Web Application

D. Bruschi
Secondo
;
S. Valtolina
Ultimo
2004

Abstract

In this paper we present the results from an analysis focusing on security threats that can arise against an SQL server when included in Web application environments. The approach used is based on the STRIDE classification methodology. The results presented provide also some general guidelines and countermeasures against the different attacks that can exploit the identified vulnerabilities.
database systems; web services; security; threat model
Settore INF/01 - Informatica
Book Part (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/190880
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 12
  • ???jsp.display-item.citation.isi??? 2
social impact