Please use this identifier to cite or link to this item: https://rda.sliit.lk/handle/123456789/2304
Full metadata record
DC FieldValueLanguage
dc.contributor.authorAbawajy, J-
dc.contributor.authorFernando, H. S-
dc.date.accessioned2022-05-16T07:30:33Z-
dc.date.available2022-05-16T07:30:33Z-
dc.date.issued2015-02-01-
dc.identifier.urihttp://rda.sliit.lk/handle/123456789/2304-
dc.description.abstractWhile SQL injection attacks have been plaguing web application systems for years, the possibility of them affecting RFID systems was only identified very recently. However, very little work exists to mitigate this serious security threat to RFID-enabled enterprise systems. In this paper, we propose a policy-based SQLIA detection and prevention method for RFID systems. The proposed technique creates data validation and sanitization policies during content analysis and enforces those policies during runtime monitoring. We tested all possible types of dynamic queries that may be generated in RFID systems with all possible types of attacks that can be mounted on those systems. We present an analysis and evaluation of the proposed approach to demonstrate the effectiveness of the proposed approach in mitigating SQLIA.en_US
dc.language.isoenen_US
dc.publisherNorth-Hollanden_US
dc.relation.ispartofseriesComputer Standards & Interfaces;Vol 38 Pages 64-71-
dc.subjectRFIDen_US
dc.subjectSQLIAen_US
dc.subjectData validationen_US
dc.subjectData sanitizationen_US
dc.subjectPolicyen_US
dc.titlePolicy-based SQLIA detection and prevention approach for RFID systemsen_US
dc.typeArticleen_US
dc.identifier.doi10.1016/j.csi.2014.08.005en_US
Appears in Collections:Research Papers - Dept of Computer Systems Engineering
Research Papers - SLIIT Staff Publications

Files in This Item:
File Description SizeFormat 
1-s2.0-S092054891400083X-main.pdf
  Until 2050-12-31
1.26 MBAdobe PDFView/Open Request a copy


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.