Defending against code injection attacks using Secure Design Pattern | |
---|---|
Author | |
Abstract |
Object Oriented Security - Several software vulnerabilities emerge during the design phase of a software development process, which can be addressed using secure design patterns. However, using these patterns over web application vulnerabilities is comparatively more tricky for developers than using traditional design patterns. Although several practices exist for addressing software security vulnerabilities, they are sometimes difficult to reuse due to their implementation-specific nature. In this study, we discuss the secure design patterns that are intended to prevent vulnerabilities from being accidentally introduced into code or reduce the effects of flaws. The patterns are created by combining current best security design practices and adding security-specific functionality to the existing design patterns. Hence, this work outlines a convenient mechanism for deciding which secure design patterns to use for addressing online application vulnerabilities. We have demonstrated the applicability of our concept over a prevalent database security threat, namely SQL injection. |
Year of Publication |
2022
|
Date Published |
dec
|
Publisher |
IEEE
|
Conference Location |
Japan
|
ISBN Number |
978-1-66545-537-4
|
URL |
https://ieeexplore.ieee.org/document/10043196/
|
DOI |
10.1109/APSEC57359.2022.00085
|
Google Scholar | BibTeX | DOI |