| 基于SP防范SQL注入攻击的三层信息系统安全设计研究 |
| |
| 引用本文: | 黄辉.基于SP防范SQL注入攻击的三层信息系统安全设计研究[J].情报探索,2013(11):114-116. |
| |
| 作者姓名: | 黄辉 |
| |
| 作者单位: | 广东农工商职业技术学院图书馆,广东广州510507 |
| |
| 基金项目: | 本文系广东省图书馆学会基金项目“城市发展与公共图书馆的互动关系”(项目编号:GDTK1112)研究成果之一. |
| |
| 摘 要: | SQL注入攻击是一种利用客户端输入构建特殊SQL查询语句进行数据库攻击的攻击方式。开发一种三层架构的信息系统,可检测和过滤用户的非法输入,在数据层使用SP(Store Produce)存储过程进行数据存取,以更有效地防范SQL注入攻击,提升系统安全性能。
|
| 关 键 词: | SP防范 注入攻击 三层系统设计 |
Design of SP-based 3-tier Information Security System Against SQL Injection |
| |
| Huang Hui.Design of SP-based 3-tier Information Security System Against SQL Injection[J].Information Research,2013(11):114-116. |
| |
| Authors: | Huang Hui |
| |
| Institution: | Huang Hui ( Guangdong AIB Polytechnic College Library, Guangzhou Guangdong 510507 ) |
| |
| Abstract: | SQL injection is a way to attack database, which builds special SQL query statement with client input. The paper develops a 3-tier information system. The system can detect and filter users' illegal inputs, meanwhile applies Store Produce (SP) for data access in data layer, so as to prevent from SQL injection effectively and upgrade security performance of the system. |
| |
| Keywords: | SP defense injection 3-tier system design |
| 本文献已被 维普 等数据库收录! |
