期刊名称:International Journal of Innovative Research in Science, Engineering and Technology
印刷版ISSN:2347-6710
电子版ISSN:2319-8753
出版年度:2016
卷号:5
期号:3
页码:4480
DOI:10.15680/IJIRSET.2016.0503255
出版社:S&S Publications
摘要:Most information systems and business applications built now-a-days have a web frontend and theyneed to be universally available to clients, employees and partners around the world, as the digital economy isbecoming more and more prevalent in the global economy. These web applications, which can be accessed fromanywhere, become so widely exposed that any existing security vulnerability will most probably be uncovered andexploited by hackers. Two of the most widely spread and critical web application vulnerabilities: SQL Injection andXSS. SQLI and XSS allow attackers to access unauthorized data (read, insert, change or delete), gain access toprivileged database accounts. . We introduce Trusted DB, an outsourced database prototype that allows clients toexecute SQL queries with privacy and under regulatory compliance constraints by leveraging server-hosted, tamperprooftrusted hardware in critical query processing stages, thereby removing any limitations on the type of supportedqueries.
关键词:SQL Injection; Function Call; Raw Data; Trusted DB
