METHODS FOR PREVENTING SQL INJECTION IN IDENTITY AND ACCESS MANAGEMENT (IAM) SYSTEMS
Asha Seshagiri, Software Development Engineer 3 at Expedia, Austin, Texas, USA
Abstract
This paper discusses methods for preventing SQL (Structured Query Language) injections in identity and access management (IAM) systems. SQL injections represent one of the most serious threats to web security, allowing attackers to gain unauthorized access to and modify data. The main security methods include filtering input data, using prepared statements and parameterization, implementing stored procedures, restricting access rights, and regularly updating software. Effective privilege management and database activity monitoring also play a key role in preventing attacks. The introduction of these measures helps protect confidential information, ensures reliable authentication and authorization, and maintains data integrity. The paper highlights the importance of an integrated approach to database security in the face of growing cyber threats.
Zenodo DOI: https://doi.org/10.5281/zenodo.13895346
Keywords
SQL injection, programming, identity and access management systems
Copyright License
Copyright (c) 2024 Asha Seshagiri

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.