| 一种新的SQL注入攻击的防范方法 |
| |
| 引用本文: | 薛昱春,黄东.一种新的SQL注入攻击的防范方法[J].数字社区&智能家居,2006(2). |
| |
| 作者姓名: | 薛昱春 黄东 |
| |
| 作者单位: | 东南大学自动化研究所 江苏南京210096 |
| |
| 摘 要: | 详细阐述了SQL注入攻击的原理和常见实施手段,认真分析并总结了现有常见防范方法的特点以及存在的不足之处,进一步提出了利用对用户输入数据进行Base64编码来防范SQL注入的新方法,并对该方法做了实验性的测试,得到了比较理想的结果。
|
| 关 键 词: | SQL注入 Base64编码 |
A New Approach for Preventing SQL Injection Attacks |
| |
| XUE Yu- chun,HUANG Dong.A New Approach for Preventing SQL Injection Attacks[J].Digital Community & Smart Home,2006(2). |
| |
| Authors: | XUE Yu- chun HUANG Dong |
| |
| Abstract: | At first,the article expounds the theory of SQL injection and the harm it may cause to system security in detail,then analyzes the existing solutions to prevent it clearly and summarizes the deficiency those solutions have, and in succession, presents a new practical protection mechanism against SQL injection attacks by using Base64- data- encoding, finally two examples are shown to test the new method and the results are exhibited. |
| |
| Keywords: | SQL injection Base64 encoding |
| 本文献已被 CNKI 等数据库收录! |
|
