Sciweavers

FC
2010
Springer

Automatically Preparing Safe SQL Queries

13 years 7 months ago
Automatically Preparing Safe SQL Queries
We present the first sound program source transformation approach for automatically transforming the code of a legacy web application to employ PREPARE statements in place of unsafe SQL queries. Our approach therefore opens the way for eradicating the SQL injection threat vector from legacy web applications. Key words: Static program transformation, Security by construction, Symbolic evaluation, SQL injection
Prithvi Bisht, A. Prasad Sistla, V. N. Venkatakris
Added 15 Aug 2010
Updated 15 Aug 2010
Type Conference
Year 2010
Where FC
Authors Prithvi Bisht, A. Prasad Sistla, V. N. Venkatakrishnan
Comments (0)