Sql Injection May Cause Harm Computer Science Essay

In our company YouMusic the web information security hazard is really of import. So in our company, we need to do some countermeasure to cut down our loss on the security jobs. The followers is our web security of some of the thoughts and Countermeasures. Want to play in information security minimize the hazard. Network security market in many ways, how do we take the right methods? This is an of import issue. Many different security engineerings and their benefits will be listed in this proposal we can take a more appropriate method of our company.

Undertaking 1

Cost

First we need to cognize in the losingss caused by security. Before our company was be attack with the hacker. It was do a loss. We could, harmonizing to past experience to cipher the possible losingss in the hereafter.

The TCO ( Entire Cost of Ownership ) for the current system

The cost of the hardware

This is the cost of 20 web waiters and the 4 Database waiters.

Get quality help now
Prof. Finch
Verified writer

Proficient in: Computer Networking

4.7 (346)

“ This writer never make an mistake for me always deliver long before due date. Am telling you man this writer is absolutely the best. ”

+84 relevant experts are online
Hire writer

20 ten 6000 + 4 x 10000 = $ 160,000 for 4 old ages

The cost of one-year support

This is the support for 20 web waiters one-year fee and the Database waiters one-year fee.

( 20 web waiters ) + ( 4 Database waiters ) = one-year support cost.

( 20 x 1200 ) + ( 4 x 3000 ) = $ 36,000 per twelvemonth

The company employs 4 full-time web decision makers and an substructure decision maker cost.

The one-year labour support is 5 ten 40000 = $ 200,000

The TCO is: Hardware + ( one-year support cost + one-year labour cost ) x old ages = TCO

Over 4 old ages = 160000 + ( 36000 + 200000 ) x 4 = $ 1104000

The TCO for 4 old ages is $ 1,104,000

The ALE ( Annualized Loss Expectancy ) for this system

This is the security breaches for each topographic point cost

5000 music x ( each path fraudulently purchased + refunded per path ) = security breaches for each topographic point cost.

Get to Know The Price Estimate For Your Paper
Topic
Number of pages
Email Invalid email

By clicking “Check Writers’ Offers”, you agree to our terms of service and privacy policy. We’ll occasionally send you promo and account related email

"You must agree to out terms of services and privacy policy"
Check writers' offers

You won’t be charged yet!

5000 x ( 0.9+1.1 ) = $ 100,000 in losingss

The expected downtime of ( 48 +72 ) = 120 hours per twelvemonth

$ 200m per twelvemonth is tantamount to $ 22,831 per hr

200,000,000 / ( 360 x 24 ) = $ 22,831

Annual cost of being offline is:

22,831 ten 120 = $ 2,739,720

The Each breach costs 0.5 % TCO = $ 6700

ALE = 100000 + 2,739,720 + ( 3 x 6700 ) = $ 2,859,820 per twelvemonth

The Savingss

The Savings over the following 4 old ages is:

Security Admin =7 full-time security decision makers = 7 x 40,000 = $ 280,000 per twelvemonth

Annual Security budget is $ 400,000 per twelvemonth

Each cost is $ 280,000 + $ 400,000 = $ 680,000

Savingss = ( ALE ) – ( Annual Security budget )

= $ 2,859,820 – ( $ 680,000 ) = $ 2,179,820 per twelvemonth

Undertaking 2

Invasion Detection

We know the cost of ownership. Next we need to cognize how to forestall the hazard. In our instance the loss is ever in the invasion. So find invasion sensing is of import of our undertaking.

Intrusion sensing is a type of security direction system for computing machines webs. An Intrusion sensing system is cod and analyzes the information in computing machines or a web to place possible security job, which include invasions ( outside onslaughts ) and abuse ( inside onslaughts ) . Intrusion sensing usesA exposure appraisal, which is a engineering developed to measure the security of a computing machine system or web.

Intrusion sensing maps include:

Monitoring and analysing both user and system activities

Analyzing system constellations and exposures

Measuring system and file unity

Ability to acknowledge forms typical of onslaughts

Analysis of unnatural activity forms

Tracking user policy misdemeanors

IDS ( Intrusion Detection System )

IDS can utilize to observe the extended web onslaught. It include web peeping, port scanning, DoS, The broadband full burden onslaught, TCP scan, OS Intrusion hole onslaught. Today had more Enterprise utilizing the IDS system.

The IDS chief map is utilizing to observe and analysis the leery activity in the web. It include the staff entree the files, remote to entree mechanism, sometime include at that place allow external entree the WWW Server. In the firewall this is sanctioned activity, but some clip hacker will assail between sanctioned activities. If any people between this “ sanctioned activity ” had the onslaught purpose. The firewall by and large ca n’t to work out or analysis.

So different of firewall or entree control mechanism, Intrusion Detection System is analysis each event ( include lawful or improper event ) had or had n’t the attack purpose. This is the invasion sensing system believing forms.

Signature-based System

IDS will protect the about onslaught characteristics database, each characteristics is a group of relate in invasion behaviour regulation.

The characteristics can associate of merely one package belongings list. May be it can associate one series package.

The web supervisor can set their characteristics or add the new characteristics into the information base.

Features

Signature-based IDS can examine all allowed package, every probed package will compare with the characteristics data base. If they are accord, the system will direct the warn message.

The disadvantage of IDS

The system had the anterior cognition of the onslaught to make the characteristics database before the onslaught. So if the onslaught is new, it ca n’t happen it out.

Even if the characteristics is accord, ever may be non attack, and the system will warn.

Because all package will compare with a mass of characteristics informations base. So it may be ca n’t get by and ca n’t observe the malicious package.

In the Enterprise the IDS ever build up the Signature-based system.

Anomaly-based System

Anomaly-based System

The Anomaly-based System IDS will detect the normal burden in the web, and make the characteristics a statistics. It will seek the unusual package included the cyclosis. Because it is non rely on the anterior cognition. So it can observe the new and no record onslaught.

The advantage is it can observe unknown forms of invasion. But the mistake will really more, because it is non easy to specify what is the normal burden, and the user Practices is ever altering. It will do more mistake.

Snicker: A public sphere, unfastened beginning IDS

Snort is use the signature-based and communications protocol method to observe. It is Origins of the unfastened codification IDS. Today had more than one hundred 1000 Snort was deployment.

Snort advantage is it had legion users and expert to keep the characteristics database. Always the new onslaught appear within a few hours, the community will make the characteristics database and print out. Before the characteristics will download and print the worldwide snicker device.

This is the snort several theoretical accounts:

Sniffer

It is merely gaining control the web following package and show in the terminus.

Packet lumberman

Capture the web following package and show in the terminus and shop in the hardisk.

Network invasion sensing system

It is high adjustable. Can utilize the Snort harmonizing to user puting to analysis the web burden and take the reactions.

Online service potency hazard

Online service / Web service developed many clip, the web service is really Diversification. This is representative the web hazard is progressively high. The big endeavors ever had the web portal to supply online services. Normally user usage the web service to treat each personal businesss.

e.g. Email, online shopping, occupations interview. You merely had unfastened the arbors can associate to each web site and input your Account and watchword you can bask different services. In the user position is really convenient. But in the interloper position is good opportunity for onslaught.

Web Application

What is the web application? Web application is a web package, you can utilize the links to link web waiter and user in the arbors to run the on-line plan. Normally is Web Mail services, Online Banking, Online Shopping. But their online services was had high Information Disclosure. In the universe some celebrated endeavors had be hacker use the Web Application failing to occupy. It will take the endeavors have great fiscal and reputational harm. e.g. : The “ Barclays Bank Phishing Attacks ” and the Microsoft “ Hotmail Input Validation Flaw ” . This onslaught is utilizing the on-line plan loophole to invasion.

Why it is non security?

Web Application Security is non being taken earnestly of information security. For the endeavors is really unusual country. Famously the endeavors had used the firewall to protect the web security. Many endeavors was said “ I had the firewall or IDS besides need to Web security?

Firewall

The firewall ca n’t utilize the HTTP protocol control Web Application. Firewall merely can protect the web or Waiter. Merely to look intoing or command each communicating port and each on-line service can success. But it ca n’t against the “ SQL Injection ” or “ Parameter meddling ” onslaught to response.

The World Wide Web server possible hazard

Although we want to avoid the invasion, but we besides need to supply the service to untrusted users. The web waiter is the common illustration. This appears to be a quandary. We need to opening up to the outside universe both we need to protect this.

If the World Wide Web waiter topographic point in exterior of the firewall, the web waiter will wholly open external onslaught country. If the World Wide Web waiter topographic point in interior of the firewall, we will worry this passageway will convey our hazard.

Solution of the possible hazard

If we need to solution this job, the effectual method is the public service topographic point in Third-party web, this web ever name DMZ ( De Militarized Zone ) aˆ‚

Use the Third-party web to construct up decision maker necessary publish to public service system in the DMZ. Puting external can entree this system service at same clip ca n’t entree the internal other system service.

The DMZ how to protect the web waiter

In the DMZ architecture, external can entree the Web Server merely in port 80 web service. In this system other service e.g. FTP / SMTP services and other communicating protocol e.g. ICMP, UDP, RPC, are blocked. So the invasion from external is merely can assail in web services. So merely in the web service had the security weaknesses, the aggressor will success onslaught in this system. Contrary if this system is build outside of the firewall, the all waiter and communicating protocol ( FTP, SMTP, ICMPaˆ¦ . ) had the security weaknesses, it will be a mark of aggressor. So the DMC architecture can cut down being attacked hazard.

DMZ to protect of the internal web

Although DMZ can cut down being attacked hazard. But ca n’t except all hazards, if the web service had a security weaknesses, the web waiter will had chance being invasion.

If the web waiter and the internal web with non the safety protect. If the web server been hacked, it will do serious security affect. If used the DMZ construct up between web waiter and the internal web security barrier, the firewall was non unfastened any from DMZ internal web service, Even if the web waiter invasion, it will non impact to the web security position. So at the same clip DMZ system is proved internal web merchandise.

DMZ ( Demilitarized Zone )

Organization web may be setup one or more than one IDS system.

Always divided into 2 zones:

High secure zone: Protected by the package filter and the plan gateway, at the same time protected by the IDS detectors.

Low secure zone: This is the DMZ ( Lift garrison zone ) . This is country is merely protected by the package filter, but at the same time protected by the IDS detectors.

DMZ ( Demilitarized Zone ) is between the Enterprise private and Internet buffer zone or little web. DMZ can construe as different of external web and internal web particular country. DMZ is the excepting the confidential information populace waiter, e.g. Web waiter, Mail Server, FTP waiter. From external web visitants can see the DMZ services, but they ca n’t entree the internal company confidential and private information. Even the DMZ waiter had harm, the internal company confidential and private information will non hold affect.

Undertaking 3

The Network Architecture of the on-line music store

Fig1

This is the web architecture diagram of the on-line music store.

Internet

In the Internet are more crises. So we need to utilize some equipment to logically protect our web waiters and database waiters.

Router

Router is a web device. It can transmission the information package to the differentiation. In this procedure the router make the way for the information transmittal.

Firewall

The Firewall is a system or a group of the system. It is between the webs to command the petitions. The firewall operating in different ways. The firewall had the one mechanism is block the transmittal manner. Another mechanism is allow the transmittal. The web decision maker can set the firewall to let or barricade the IP or fishy entree.

Why do I need a firewall? Because in the cyberspace we should barricade the fuss petition or some people to malicious onslaughts. If out web be attacks the web will increase the wage burden, and the information escape hazard.

The firewall ca n’t utilize the HTTP protocol control Web Application. Firewall merely can protect the web or Waiter. Merely to look intoing or command each communicating port and each on-line service can success. But it ca n’t against the “ SQL Injection ” or “ Parameter meddling ” onslaught to response. Some clip the firewall will merely entree the e-mail services so it can barricade all the onslaught other onslaught except e-mail onslaught. So we can set the port to protect our web. This can forestall us from unknown onslaughts.

IDS ( Intrusion Detection System )

Between the firewall and the database or web waiter we need to put in the IDS. Because we have some necessary port demand to open with user. The hacker has the chance to utilize this port assail our waiters. So we need in this portion to look into the information is have invasion or non.

Intrusion sensing is a type of security direction system for computing machines webs. An Intrusion sensing system is cod and analyzes the information in computing machines or a web to place possible security job, which include invasions ( outside onslaughts ) and abuse ( inside onslaughts ) . Intrusion sensing usesA exposure appraisal, which is a engineering developed to measure the security of a computing machine system or web.

IDS can utilize to observe the extended web onslaught. It include web peeping, port scanning, DoS, The broadband full burden onslaught, TCP scan, OS Intrusion hole onslaught. Today had more Enterprise utilizing the IDS system.

The IDS chief map is utilizing to observe and analysis the leery activity in the web. It include the staff entree the files, remote to entree mechanism, sometime include at that place allow external entree the WWW Server. In the firewall this is sanctioned activity, but some clip hacker will assail between sanctioned activities. If any people between this “ sanctioned activity ” had the onslaught purpose. The firewall by and large ca n’t to work out or analysis.

So different of firewall or entree control mechanism, Intrusion Detection System is analysis each event ( include lawful or improper event ) had or had n’t the attack purpose. This is the invasion sensing system believing forms.

Switch

This is a web expand equipment. Can supply the subnet have many ports for connexion.

The Switch can classification to 2 Layers, 3 Layers, 4 Layers, 7 Layers.

2 Layer switch had the VLAN divider, car connect port, MAC address entree control list, ever had the GUI ( graph user interface ) or command control, for the web decision maker to set the parametric quantities.

3 Layer can turn out the 3 Layer protocols. It can utilizing the Gateway to construct connexion for different Layer to communicating.

4 Layer can turn out the 4 Layer protocols. It is include the session protocols, utilizing the practical IP.

The Switch and the Hub is different. The switch will utilize the ARP protocol to do the connexion. It can cut down the information hit and cut down the information be tapped. The Switch can treat the package at same clip, but the Hub is ca n’t.

Database waiter

This is utilizing to shop of the information. If the clients request, it can happen the information in the database waiter. The database waiter ever can put to death: Create, Read, Update, Delete.

The database is utilizing a certain manner to hive away. It can portion the information for multi users. It can do the synergistic with any plan, for create the independent informations aggregation.

Database Management System ( DBMS )

This is design to pull off the Database Server package. Always have Create, Read, Update, Delete footing map. Database is maps are depends on the DBMS to sort. Even have type of Relational database, XML ; or back up computing machine type to sort e.g. Mobile phone ; and depends on the linguistic communication to sort. e.g. SQL, XQuery.

DMZ ( Demilitarized Zone )

Organization web may be setup one or more than one IDS system.

Always divided into 2 zones:

High secure zone: Protected by the package filter and the plan gateway, at the same time protected by the IDS detectors.

Low secure zone: This is the DMZ ( Lift garrison zone ) . This is country is merely protected by the package filter, but at the same time protected by the IDS detectors.

DMZ ( Demilitarized Zone ) is between the Enterprise private and Internet buffer zone or little web. DMZ can construe as different of external web and internal web particular country. DMZ is the excepting the confidential information populace waiter, e.g. Web waiter, Mail Server, FTP waiter. From external web visitants can see the DMZ services, but they ca n’t entree the internal company confidential and private information. Even the DMZ waiter had harm, the internal company confidential and private information will non hold affect.

Web Waiters

The web waiter had two significance.

The web waiters is a provide web services computing machine, chiefly had HTML papers. Use the HTTP protocol to link to clients, the clients use the plan to link the web waiter ever name it browser.

This is a plan and supply web services.

Each web waiters perform at least one web services plan. The common web waiter had:

Apache package funding- Apache HTTP web waiter

Microsoft – Internet Information waiter ( IIS )

Zeus Technology – Zeus web waiter

The most common is the Apache package funding- Apache HTTP web waiter, in 2004 Oct, over 67 % web waiter use the Apache provide web services.

Although the web had different web services package, but they had same characteristic. Each web waiter plan can entree the HTTP petition and answer to the clients. The HTTP answer had a HTML papers, text papers, pictures files. This papers are shop in the web server local file system. The web services plan will name the file in the local directory.

Undertaking 4 – 20 Marks

Web Application Security

What is the web application security hazard?

In our company we need to better the web application security ability to forestall Data escape. In the Internet have many Insecurity jobs. Below I have listed the common web application exposures.

SQL Injection

SQL Injection onslaught is a web plan does non run into the security codifications. In order to forestall onslaughts. We should verification all the web page input character threading map. The hacker can utilize the login page in the user name and watchword column onslaught with SQL Injection.

SQL Injection is happening between the web plans and database security exposures. It is input the SQL codifications between the strings and submit to the web plan. In the hapless web plans was ignore the cheque this. The database will misidentify for SQL bid to put to death. Therefore it will destruction the database. All support for SQL bid database waiters will had SQL Injection security hazard.

Reason of the SQL injection

The web applications utilizing the “ twine associating ” to unite into the SQL bid.

At the web applications connect the database server the web applications utilizing inordinate large permissions to entree informations.

The database waiter was unfastened inordinate large permissions.

Excessive trust the user input informations, had non limit the user input type, had non security cheque for the possible security hazard with the input twine.

The SQL how to works?

The SQL bid can bespeak the database waiter to seek, inserts, update, delete bid twine. The SQL Command if input the twine parametric quantity. It will utilize the Citation Markss to wrap.

The SQL can add the remark use the ( /* ) and ( */ ) to wrap. So at the combine the SQL twine had non against the Citation Markss character processing. The hacker can utilize this Loophole to fiddling SQL bid.

For illustration:

If this is your web login SQL Confirmation:

strSQL = “ SELECT * FROM users WHERE ( name = ‘ ” + userName + “ ‘ )

Malice fill:

userName = “ 1 ‘ OR ‘1’=’1 ” ;

The SQL will alter to:

strSQL = “ SELECT * FROM users WHERE ( name = ‘1 ‘ OR ‘1’=’1 ‘ )

The existent execute SQL bid is:

strSQL = “ SELECT * FROM users ; ”

So the bid will bespeak no user name.

SQL injection may do injury

The database table information escape. e.g. Personal confidential information, Account Information or watchwords.

The hacker can cognize our database construction. Can utilize this for farther onslaughts.

The database waiter be onslaught and the decision maker history be fiddling.

The hacker got the high Competence, they can input the maliciousness links.

Distraction the hardisk and paralysis the system.

So we should had high watchfulness for the web application security. It can do you have Huge loss.

How to Avoid the SQL injection

Better your codification

At design plan do n’t utilize the “ Parameterized Question ” to plan the information entree maps. At combination of the SQL twine, statement passed for the characters to replace. ( Replace all the Quotation Markss to dual Citation Markss. )

If use the PHP to development the web applications, you can open the PHP Magic quotation mark ( Auto all page input the parametric quantity and replace all the Quotation Markss to dual Citation Markss.

Filtering the SQL bid e.g. INSERT, CREATE, UPDATE.

Adjust the input conditions e.g. can entree the Upper and lower instance letters of the alphabet and Integer.

Make sure you database is stand-alone installing, guarantee they are update version.

Every waiter had be attack hazard, so the database and the web application install in different computing machine is a good choose. If you web server be onslaught and been compromised the hacker will easy to chop you database server. Another if any one waiter been hacked you can make n’t shutdown the waiter.

Close any default users include ace user.

The default user in include ace user in the user manual can easy to happen it. In 2002-2003 have any worm used this default user or super user history to assail the waiter. More people have n’t attentive this job. So the hacker is easy to chop in the system and utilize the ace user competency to set or make histories.

In the database make the user history, this history is had least competency. Merely can entree the necessary information. Close all default advancement, prevent unneeded entree produce SQLA Injection.

SQL petition must be through the web application and merely can utilize the allowed petition. e.g. Select, Insert, Update.

Most of the web application was puting the SQL competency, on occasion had the delete competency. If the web application no demand the bead bid. You should barricade the petition.

In the web application insert the confirmation.

In the web application insert the confirmation is really of import. Using the confirmation codification can forestall most of SQL Injection onslaughts. The confirmation can sort to:

Information type: confirm the input type is corrected. If the input type is the whole number, we will do the equation to change over the whole number. If the consequence is non a figure, the system will response the user this is incorrect input.

Information length: look into the input length include the upper limit and lower limit characters length. If input is non with in the ring, the system will response the mistake message.

Information format: another should be noted the input format. If the column should input the telephone Numberss format is XXX-XXXXXXXX if user input format is incorrect the system will response the user.

On the market have any Code betterment package. They can better your codification and Clear exposure.

Fig.2

This plan can scrutinize Your Website Security with Acunetix Web Vulnerability Scanner.

Firewalls, SSL and Locked-Down Waiters are Futile Against Web Application Hacking!

Web application onslaughts, launched on port 80/443, go directly through the firewall, past operating system and web degree security, and right in to the bosom of your application and corporate informations. Bespoke web applications are frequently insufficiently tested, have undiscovered exposures and are hence easy quarry for hackers.

Undertaking 5

Information security

In YourMusic web site we require clients to input there personal informations utilizing to reach them. But this advancement is presence the Personal Data Security Risk. Because the personal information is private and confidential. The Hackers may be really interested in this information. So we need better protection for personal information.

In our database the username, electronic mail and watchword inside informations in unencrypted signifier in database. If the client ‘s informations be leakage our company may hold the Torahs liability. So the “ personal informations security hazard ” is really of import in YourMusic web site.

How can we make in the Information security?

Since the information protection is so of import. We should take so action for the information security. vitamin E We have several available methods:

Encoding

We can between the information directing to encryption it.

SSL

Password Advice

SSL ( Secure Sockets Layer )

This is the security engineering between the web waiter and the arbors utilizing encoding to communicating. It can protect the waiter and arbors communicate the information Privacy and Integrity. SSL is an enterprise-class criterions. It is used by 1000000s of web sites to protect their clients online dealing information, In order to utilize SSL secure connexion, A web waiter requires a certification.

When you enable the SSL service on your web waiter. You will be prompted to make full several recognized about your waiter ‘s individuality job ( e.g. your web server website ) and your company information ( e.g. your company name or location ) . Then your web waiter will make two key, one for private one for public. Your private key is so called because it is used to keep the privateness and security. The public key is you do non confidential and placed in the file of the CSR ( Certificate Signing Request ) . It file is contains elaborate information. You must utilize this CSR sent to the Certification Center. Through SSL certification application processs to Certification Authority. it will verify your inside informations information and direct the include your information certification to you. You will utilize the SSL to communicating. If that is all right, you will between the waiter and arbors had the encoding nexus.

The client ‘s will non see the complex SSL scene, they will merely in the arbors see the lock symbol to the client ‘s the web have SSL protect.

The Internet Explore users will see this.

Click the lock to your SSL certification and your inside informations will be displayed:

The typical SSL certification will include your sphere name, company name ( YouMusic ) , address, metropolis, province and your state. It besides contains inside informations of the adulthood day of the month of the certification and is responsible for the issue of this certification issue centre. When a browser nexus to a secure Web site It will have this site ‘s SSL certification and verify that is it expired. Whether it has been issued by the browser believable the issue centre and is it like to Issuance enrollment Content is utilizing in the web. If anyone is non entree The browser will expose a warning message to the user.

Any encodings standard

Hash

Hash algorithm in the terminal what usage is it? Hash algorithm in information security is chiefly reflected in the undermentioned three facets:

File checksum:

They are to a certain extent, be able to observe and rectify the channel mistakes in the information transmittal. But it ca n’t forestall malicious harm to informations.

Digital signature:

The Hash algorithm on cryptanalysis is an of import portion. Because the “ asymmetric algorithm ” is slow. So the digital signature understanding, the one-way hash map plays an of import function.

Authentication Protocol

Authentication Protocol can name “ Challenges – hallmark manner ” . The Transmission channel can be listener but ca n’t fiddle. This is a simple and safe manner.

CRC

( CRC ) algorithm is a common method for mistake detection.CRC is a mathematical algorithm that is use the original informations send input and direct end products and look into figure to the terminal of the informations transmittal. Then look into the consequence of CRC and received successfully.

MD5 ( Message-Digest Algorithm 5 )

MD5 is used to guarantee complete and consistent message transmittal widely used hash computation. Mainstream programming linguistic communications aˆ‹aˆ‹have by and large MD5 execution.

SHA 1 ( Secure Hash Algorithm )

SHA is the encoding method. It length is short than 264 input, it can bring forth length 160bit hash value. So the brute-force is better. SHA-1 is base on MD4 method to plan. It is utilizing the same algorithm. SHA-1 is issued by the National Institute of Standards by NIST ( National Institute of Standards and Technology ) .it is the most widely used hash map algorithm. It is presently the most advanced encoding engineering. It is Government sections and private proprietors use to manage sensitive information engineering. SHA-1 based on MD5, MD5 based on MD4. Forum system image file hash is Microsoft ‘s official SHA-1 value, this value corresponds to download. Help you download the file has non been changed, belonging to the original.

Drumhead

YourMusic is a web-based electronic trading store, for the hacker is a good hoarded wealth house, so we must take external preventative work. Or we will be a immense loss. So the information security in our company is really of import.

Referencing and Bibliographies

LuxSci.com

Retrieved 20 April 2013from

hypertext transfer protocol: //luxsci.com/blog/secure-web-pages-and-web-forms-what-you-need-to-know.html

NCC IS_Textbook_2008 Syllabus

NCC_Textbook_2008

NCC IS_Visuals_2007

11. Attachment

Fig.1

Fig.2

Cite this page

Sql Injection May Cause Harm Computer Science Essay. (2020, Jun 02). Retrieved from https://studymoose.com/sql-injection-may-cause-harm-computer-science-new-essay

👋 Hi! I’m your smart assistant Amy!

Don’t know where to start? Type your requirements and I’ll connect you to an academic expert within 3 minutes.

get help with your assignment