The paper begins by identifying the organizations which are vulnerable to the SQL attack referred to as an SQL injection attack (SQLIA). The term “SQL injection attack” is defined and a diagram (Fig.1) is used to illustrate the way that attack occurs. In another section, the paper identifies the methods used to detect an attack to SQL, whereby the techniques are discussed extensively using rele...

Data mining is becoming increasingly important since the size of databases grows even larger and the need to explore hidden rules from the databases becomes widely recognized. Currently database systems are dominated by relational database and the ability to perform data mining using standard SQL queries will de nitely ease implementation of data mining. However the performance of SQL based dat...

The SQL standard specifies authorization via a large set of rather opaque rules, which are difficult to understand and dangerous to change. To make the model easier to work with, we formalize the implicit principles behind SQL authorization. We then discuss two extensions, for explicit metadata privileges and general privilege inference on derived objects. Although these are quite simple and ea...

The lion's share of datalog features have been incorporated into the SQL3 standard proposal. However, most SQL manuals still recommend to implement user-de ned conditions for data integrity nondeclaratively, by triggers or stored procedures. We describe how to implement known declarative database technology for integrity checking in SQL databases. We show how to represent and evaluate arbitrari...

We present a scalable distributed database system called SD-SQL Server. Its original feature is dynamic and transparent repartitioning of growing tables, avoiding the cumbersome manual repartitioning that characterize current technology. SD-SQL Server re-partitions a table when an insert overflows existing segments. With the comfort of a single node SQL Server user, the SD-SQL Server user has l...

Intuitionistic logic programming provides the notion of embedded implication in rule bodies, which can be used to reason about a current database modified by the antecedent. This can be applied to a system that translates SQL to Datalog to solve SQL WITH queries, for which relations are locally defined and can therefore be understood as added to the current database. In addition, assumptions in...

The main aim of this paper was to develop and evaluate securely web-based application for construction material testing using object-oriented technology and parameterized queries for SQL command queries. The SQL queries for the web application of construction material testing were modified by adjusting their codes which included connection strings, authorization bypass and execute commands. Det...

With the increasing importance of the internet in our day-to-day life, data security in web application has become very crucial. Ever increasing online and real time transaction services have led to manifold rise in the problems associated with the database security. Attacker uses illegal and unauthorized approaches to hijack the confidential information like username, password and other vital ...