Forms and Validity
SQL injection attack (SQLIA) is considered one of the top 10 web application vulnerabilities of 2007 and 2010 by the Open Web Application Security Project. The attacking vector contains five main sub-classes depending on the technical aspects of the attack's deployment:
- Classic SQLIA
- Inference SQL injection
- Interacting with SQL injection
- Database management system-specific SQLIA
- Compounded SQLIA
- SQL injection + insufficient authentication
- SQL injection + DDoS attacks
- SQL injection + DNS hijacking
- SQL injection +XSS
A complete overview of the SQL Injection classification is presented in the next figure. The Storm Worm is one representation of Compounded SQLIA.
This classification represents the state of SQLIA, respecting its evolution until 2010—further refinement is underway.
Read more about this topic: SQL Injection
Famous quotes containing the words forms and, forms and/or validity:
“I had a glimpse through curtain laces
Of youthful forms and youthful faces.”
—Robert Frost (18741963)
“The analogy between the mind and a computer fails for many reasons. The brain is constructed by principles that assure diversity and degeneracy. Unlike a computer, it has no replicative memory. It is historical and value driven. It forms categories by internal criteria and by constraints acting at many scales, not by means of a syntactically constructed program. The world with which the brain interacts is not unequivocally made up of classical categories.”
—Gerald M. Edelman (b. 1928)
“There are ... two minimum conditions necessary and sufficient for the existence of a legal system. On the one hand those rules of behavior which are valid according to the systems ultimate criteria of validity must be generally obeyed, and on the other hand, its rules of recognition specifying the criteria of legal validity and its rules of change and adjudication must be effectively accepted as common public standards of official behavior by its officials.”
—H.L.A. (Herbert Lionel Adolphus)