Information flow control on a multi-paradigm web application for SQL injection prevention

Abstract

In this paper, we propose an integrated framework to control information flows in order to prevent security attacks, namely, SQL injections threatening data confidentiality. This framework is based on the Prerequisite TBAC model, a new Tuple-Based Access Control model designed to control data dissemination in databases, and that guarantees a controlled declassification. To track information flow in the application part, we propose to propagate dynamically security labels through the system using Paragon, a typed-security language that extends Java with information flow policy specification.

Cite

Ben-Ghorbel-Talbi, M., Lesueur, F., & Perrin, G. (2016). Information flow control on a multi-paradigm web application for SQL injection prevention. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9482, pp. 277–285). Springer Verlag. https://doi.org/10.1007/978-3-319-30303-1_18
