详细信息
存储过程技术在网络考试系统SQL注入攻击防御上的应用 被引量:6
Application of Stored Procedures to Defense against SQL Injection Attacks in Online Examination System
文献类型:期刊文献
中文题名:存储过程技术在网络考试系统SQL注入攻击防御上的应用
英文题名:Application of Stored Procedures to Defense against SQL Injection Attacks in Online Examination System
作者:黄龙军[1]
机构:[1]绍兴文理学院计算机系
年份:2013
期号:1
起止页码:103
中文期刊名:计算机系统应用
外文期刊名:Computer Systems & Applications
收录:CSTPCD
语种:中文
中文关键词:存储过程;安全性;网上考试;SQL注入;SQL;Server
外文关键词:stored procedure; security; online examination; SQL injection; SQL Server
中文摘要:介绍利用SQL Server存储过程来提高网上考试系统的安全性,讨论SQL注入攻击及采用存储过程的方法进行防御,给出了网上考试系统中随机生成试卷等存储过程的实现方法.采用存储过程能有效防御SQL注入攻击,提高系统的安全性.
外文摘要:This paper describes the use of stored procedures to improve the security of online examination system. We discuss SQL injection attacks, the method of defense using the stored procedures, and some stored procedures of the online examination system, such as randomly generated papers. Use of stored procedures effectually secures against SQL injection attacks, improves the system security.
参考文献:
正在载入数据...