SQL-Injections: A wake-up call for developer: A study about a major threat and issue for companies and organizations worldwide
Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE credits
Student thesis
Alternative title
SQL-Injektioner: En tankeställare för utvecklare : En studie om ett stort hot och problem för företag och organisationer världen över (Swedish)
Injection attacks are the most critical website security risk, and SQL-injection attacks are the most reported injection attacks on websites. This thesis strives to answer why SQL-injections still remain one of the most common website vulnerabilities. A questionnaire was conducted in which companies and organizations answered several questions about their awareness, experience and knowledge of SQL-injections. After statistical analysis, results were found that indicate that there are many reasons behind SQL-injection vulnerabilities; for example, many companies and organizations begin to sanitize input data only after an attack, and others do not know what SQL-injection is. This thesis will also contribute to the general awareness of SQL-injections; a wake-up call for developers, professors, researchers and students who are designing and programming databases and websites.
Place, publisher, year, edition, pages
2013, 36 p.
SQL-Injection, SQL-Injection attack, SQL, IT-Security, IS-Security, Database, Database Management System, Website, Information security
SQL-injektion, SQL-injektions attack, SQL, IT-säkerhet, IS-säkerhet, Databas, Databashanteringssystem, Hemsida, Informationssäkerhet
Information Systems, Social aspects
Identifiers
URN: urn:nbn:se:uu:diva-202104
OAI: oai:DiVA.org:uu-202104
DiVA: diva2:630946
Subject / course
Computer Systems Sciences
Bachelor programme in Information Systems
2013-05-28, Ekonomikum, Kyrkogårdsgatan 10 753 13, Uppsala, 20:46 (Swedish)
Bengtsson, Fredrik, Junior Lecturer
Andersson, Jan-Olof
Tétard, Franck, Senior lecturer