11-02-2011, 12:25 AM
hello guys i need the project. so plz help me
|
wasp against sql injection attacks in java
|
11-02-2011, 07:17 AM
WASP (Web Application SQL-injection Preventer)
The basic idea of the WASP is to allow only the developer trusted stringsa to form the sensitive parts of the query. As a solution to the problem of SQL injection:
a)Positive tainting
b)Syntax-Aware evaluation
WEB applications are applications that can be accessed over the Internet by using any compliant Web browser that runs on any operating system and architecture. A variety of new threats are facing the web applications. Of this, the most significant one is the SQL Injection Attacks (SQLIAs). SQL queries are built by the Web applications to access the information stored in the databases. But, the attackers can gain complete access to such databases if inadequate input validation is performed. The specially encoded database commands can be input by the attackers. the attacker’s embedded commands are executed by the database when the web application builds the query using these strings, and the attack succeeds.
a new highly automated approach for dynamic detection and prevention of SQLIAs is proposed in this article. It involves identifying “trusted” strings in an application which are then used to form the semantically relevant parts of a SQL query.
Get full details here:
http://ccs.neu.edu/home/pete/pub/ieee-software-wasp.pdf
presentation:
http://cercs.gatech.edu/iucrc06/material/orso.pdf
The basic idea of the WASP is to allow only the developer trusted stringsa to form the sensitive parts of the query. As a solution to the problem of SQL injection:
a)Positive tainting
b)Syntax-Aware evaluation
WEB applications are applications that can be accessed over the Internet by using any compliant Web browser that runs on any operating system and architecture. A variety of new threats are facing the web applications. Of this, the most significant one is the SQL Injection Attacks (SQLIAs). SQL queries are built by the Web applications to access the information stored in the databases. But, the attackers can gain complete access to such databases if inadequate input validation is performed. The specially encoded database commands can be input by the attackers. the attacker’s embedded commands are executed by the database when the web application builds the query using these strings, and the attack succeeds.
a new highly automated approach for dynamic detection and prevention of SQLIAs is proposed in this article. It involves identifying “trusted” strings in an application which are then used to form the semantically relevant parts of a SQL query.
Get full details here:
http://ccs.neu.edu/home/pete/pub/ieee-software-wasp.pdf
presentation:
http://cercs.gatech.edu/iucrc06/material/orso.pdf
09-03-2011, 12:54 PM
i need the full project cccan u help me sir,
advance thanks
advance thanks
21-03-2011, 10:43 AM
[attachment=10635]
WASP APPLICATION
Abstract
WASP is nothing but Web Automobile Sales Platform. WASP is a platform where one can add, edit, delete and update the automobile records. This Application is to be used by the Automobile firm. It is an interface for sellers to upload vehicle listings. An interface for WASP administrators to review, approve, or delete uploaded listings. An Interface that provide security and access control model.
Sellers can store the information related to Automobiles in database. They can also store about the listing of products and the related buyers information. They can easily access these information when required. Hence it is saving the time.
Existing System
At present Automobile firms are maintaining their information in the papers. They are storing all the related information of automobiles in records. They are doing paper work. Drawbacks in this system are:
• Time consuming: Since data is written in paper, it takes more time to access particular information.
• Difficult to Access: Since data is stored in different part of records, it is difficult to access.
• Security problem: Security cannot be provided to the hardcopy, it can be easily stolen and used by others.
• Cannot be modified: Data cannot be modified, when needed.
To overcome the problems with the Existing System, an application is going to be proposed
Proposed System
A web based platform is going to be proposed. Here seller can add the automobile listing, can add the information related to the buyer. It is a platform where user can easily store the information, edit, delete, update and view the information. Here data is protected, unauthorized user cannot access the information.
Advantages of this system
• Saves time
• Easy to access
• Provides Security
Modules
1. Add Listing: Owner information, Vehicle information is going to be added.
2. View Listing: View the List of Vehicles.
3. Modify Listing: Here one can update or delete the list.
4. Search: One can search the particular automobile in the list.
5.Database: Database is in such a way that it can be easily access and fast to access the particular information.
Hardware Requirements
RAM : 256MB
HARD DISK: 80GB
Processor : Pentium4
Data Base : Oracle
Technologies
HTML, Java, , JSP, JDBC
WASP APPLICATION
Abstract
WASP is nothing but Web Automobile Sales Platform. WASP is a platform where one can add, edit, delete and update the automobile records. This Application is to be used by the Automobile firm. It is an interface for sellers to upload vehicle listings. An interface for WASP administrators to review, approve, or delete uploaded listings. An Interface that provide security and access control model.
Sellers can store the information related to Automobiles in database. They can also store about the listing of products and the related buyers information. They can easily access these information when required. Hence it is saving the time.
Existing System
At present Automobile firms are maintaining their information in the papers. They are storing all the related information of automobiles in records. They are doing paper work. Drawbacks in this system are:
• Time consuming: Since data is written in paper, it takes more time to access particular information.
• Difficult to Access: Since data is stored in different part of records, it is difficult to access.
• Security problem: Security cannot be provided to the hardcopy, it can be easily stolen and used by others.
• Cannot be modified: Data cannot be modified, when needed.
To overcome the problems with the Existing System, an application is going to be proposed
Proposed System
A web based platform is going to be proposed. Here seller can add the automobile listing, can add the information related to the buyer. It is a platform where user can easily store the information, edit, delete, update and view the information. Here data is protected, unauthorized user cannot access the information.
Advantages of this system
• Saves time
• Easy to access
• Provides Security
Modules
1. Add Listing: Owner information, Vehicle information is going to be added.
2. View Listing: View the List of Vehicles.
3. Modify Listing: Here one can update or delete the list.
4. Search: One can search the particular automobile in the list.
5.Database: Database is in such a way that it can be easily access and fast to access the particular information.
Hardware Requirements
RAM : 256MB
HARD DISK: 80GB
Processor : Pentium4
Data Base : Oracle
Technologies
HTML, Java, , JSP, JDBC
20-04-2011, 08:41 PM
can u send me the code plzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
on WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation”
on WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation”
22-04-2011, 12:47 PM
hi
you can refer these pages to get the details on sql-injection &wasp
http://studentbank.in/report-co...on-attacks
http://studentbank.in/report-pr...r-approach
http://studentbank.in/report-co...cks--12773
http://studentbank.in/report-sq...on-attacks
http://studentbank.in/report-wasp-agains...ks-in-java
you can refer these pages to get the details on sql-injection &wasp
http://studentbank.in/report-co...on-attacks
http://studentbank.in/report-pr...r-approach
http://studentbank.in/report-co...cks--12773
http://studentbank.in/report-sq...on-attacks
http://studentbank.in/report-wasp-agains...ks-in-java
|
« Next Oldest | Next Newest »
|
