The relational model is the basis for most modern databases, while SQL is the most commonly used query language. However, there are data structures and computational problems that cannot be expressed using SQL-92 queries. Among them are those concerned with the bill-of-material and corporate hierarchies. A newer standard, called the SQL-99, introduced recursive queries which can be used to solv...

SQL technology has evolved during last years, and systems are being more powerful and scalable. However, there exist yet some expressiveness limitations that can be otherwise overcome with inputs from deductive databases. This paper focuses on both practical and theoretical expressiveness issues in current SQL implementations that are overcome in the Datalog Educational System (DES), a deductiv...

A wide range of database applications manage timevarying data, and it is well-known that querying and correctly updating time-varying data is dificult and error-prone when using standard SQL. Temporal extensions of SQL ofSeer substantial benefits over SQL when managing time-varying data. The topic of this paper is the effective implementation of temporally extended SQL’s. Traditionally, it has ...

sql injection attacks involve the construction of application input data that will result in the execution of malicious sql statements. Many web applications are prone to sql injection attacks. This paper proposes a novel method for preventing this kind of attacks by placing a database driver proxy between the application and its underlying relational database management system. To detect an at...

SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application's underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability...

SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application's underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability...

This article describes how the performance of certain Prolog programs can be improved by storing large lists of facts in an SQL database rather than as Prolog facts. In experiments that will be described, the speed improvements ranged from negligible to a factor of over 200. This improvement comes about because SQL servers are strongly optimized for searching large, flat tables. However, modern...

The paper begins by identifying the organizations which are vulnerable to the SQL attack referred to as an SQL injection attack (SQLIA). The term “SQL injection attack” is defined and a diagram (Fig.1) is used to illustrate the way that attack occurs. In another section, the paper identifies the methods used to detect an attack to SQL, whereby the techniques are discussed extensively using rele...