Threat modelling for SQL servers: Designing a secure database in a web application

IFIP Advances in Information and Communication Technology

Volumn 175, Issue , 2005, Pages 159-171

  Bertino, E ^a   Bruschi, D ^b   Franzoni, S ^b   Nai Fovino, I ^b   Valtolina, S ^b  

^a Purdue University   (United States)

^b UNIVERSITY OF MILAN   (Italy)

Author keywords

Database systems; Security; Threat model; Web services

Indexed keywords

DATABASE SYSTEMS; WEB SERVICES;

CLASSIFICATION METHODOLOGIES; DIFFERENT ATTACKS; SECURE DATABASE; SECURITY; SECURITY THREATS; SQL SERVERS; THREAT MODELING; WEB APPLICATION;

APPLICATIONS;

EID: 84902509716     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: None     Document Type: Conference Paper

References (10)

1. J.D. Meier and others, Improving Web Application Security. Threats and countermeasures, Microsoft press, 2003
2. nd edition, Microsoft press, 2003
3. SQL Server 2000, Resource kit, Microsoft press, 2001
4. http://sniffdet.sourceforge.net/download.html
5. http://www.atstake.com/antisniff/
6. http://www.packetfactory.net/Proiects/sentinel/
7. E. Whalen, M. Garcia and others, SQL Server 2000 Performance tuning, Microsoft press, 2001
8. A. One, Smashing The Stack For Fun And Profit, Phrack 49. Volume Seven, Issue Forty-Nine File 14
9. M. Howard, Reviewing Code for Integer Manipulation Vulnerabilities, Secure Windows Initiative, 2003
10. V. S. Verykios, E. Bertino, I. Nai Fovino, L. Parasiliti Provenza, Y. Saygin, Y. Theodoridis, State-of-the-art in privacy preserving data mining, ACM SIGMOD Record, Volume 33 Issue 1, 2004