Results 1 - 10 of 387
Syntax of Principal SQL Statements
"... password: yyyyy quit Run script from Athena prompt in any xterm in order to open new xterm window and set path and environment so they can find Oracle applications Start the SQL*PLUS client and connect to the Oracle server where xxxxx is your Oracle userid When prompted, enter your oracle password, ..."
Dynamic Analysis of SQL Statements in Data-intensive Programs
2008
"... SQL statements control the bi-directional data flow between application programs and a database through a high-level, declarative and semantically rich data manipulation language. Analyzing these statements brings invaluable information that can be used in such applications as program understanding, ..."
Cited by 3 (1 self)
Proposing SQL Statement Coverage Metrics
in Software Engineering for Secure Systems (SESS2008), colocated with ICSE 2008, 2008
"... An increasing number of cyber attacks are occurring at the application layer when attackers use malicious input. These input validation vulnerabilities can be exploited by (among others) SQL injection, cross site scripting, and buffer overflow attacks. Statement coverage and similar test adequacy me ..."
Cited by 3 (2 self)
SQL DOM: compile time checking of dynamic SQL statements
in ICSE’05: Proceedings of the 27th international conference on Software engineering, 2005
"... Most object oriented applications that involve persistent data interact with a relational database. The most common interaction mechanism is a call level interface (CLI) such as ODBC or JDBC. While there are many advantages to using a CLI – expressive power and performance being two of the most key ..."
Cited by 63 (0 self)
– there are also drawbacks. Applications communicate through a CLI by constructing strings that contain SQL statements. These SQL statements are only checked for correctness at runtime, tend to be fragile and are vulnerable to SQL injection attacks. To solve these and other problems, we present the SQL DOM: a set
Using Automated Fix Generation to Secure SQL Statements
in 3rd International Workshop on Software Engineering for Secure Systems, 2007
"... Since 2002, over 10 % of total cyber vulnerabilities were SQL injection vulnerabilities. Since most developers are not experienced software security practitioners, a solution for correctly fixing SQL injection vulnerabilities that does not require security expertise is desirable. In this paper, we p ..."
Cited by 19 (0 self)
propose an automated method for removing SQL injection vulnerabilities from Java code by converting plain text SQL statements into prepared statements. Prepared statements restrict the way that input can affect the execution of the statement. An automated solution allows developers to remove SQL injection
SQL Injection Protection by Variable Normalization of SQL Statement
"... "Make everything as simple as possible, but not simpler." ..."
Service Bus for SQL Statement Transformation to Enable Cloud Data Access
2013
"... Cloud computing has gained tremendous popularity in the past decade in the IT industry for its resource-sharing and cost-reducing nature. To move existing applications to the Cloud, they can be redesigned to fit into the Cloud paradigm, or migrate its existing components partially or totally to the ..."
Cloud computing has gained tremendous popularity in the past decade in the IT industry for its resource-sharing and cost-reducing nature. To move existing applications to the Cloud, they can be redesigned to fit into the Cloud paradigm, or migrate its existing components partially or totally to the Cloud. In application design, a three-tier architecture is often used, consisting of a presentation layer, a business logic layer, and a data layer. The presentation layer describes the interaction between application and user; the business layer provides the business logic; and the data layer deals with data storage. The data layer is further divided into the Data Access Layer which abstracts the data access functionality, and the Database Layer for data persistence and data manipulation. In various occasions, corporations decide to move their application’s database layer to the Cloud, due to the high resource consumption and maintenance cost. However, currently there is little support and guidance on how to enable appropriate data access to the Cloud. Moreover, the diversity and heterogeneity of database systems increase the difficulty of adaption for the existing presentation layer and business layer with the migrated database
A critique of ANSI SQL isolation levels
1995
"... Reads, and Phantoms. This paper shows that these phenomena and the ANSI SQL definitions fail to properly characterize several popular isolation levels, including the standard locking implementations of the levels covered. Ambiguity in the statement of the phenomena is investigated and a more formal ..."
Cited by 300 (7 self)