Lakhani, Jyoti
- Blind XPath Injection Attack: A Case Study
Authors
Affiliations
1 Maharaja Ganga Singh University, Bikaner, Rajasthan, IN
Source
International Journal of System & Software Engineering, Vol 1, No 1 (2013), Pagination: 30-34
Abstract
Extensible Mark-up Language (XML) is adopted by different organizations as a data exchange format for web services and internet applications. XML is highly prone to attack by hackers. The common hacking technique for XML is XPath injection. The attacker can exploit XPath to manipulate the database. An XPath injection attack can even bypass the system security, and the results can be disastrous. In this communication, the Blind XPath code injection problem is reviewed using a case study. This article discusses the extent of the problem and a few principles for managing and solving XML deployment.
Keywords
XML, XPath Injection, Blind XPath Injection
- A Complete Inter-Class Sharing During the Inheritance to Enhance Reusability of Public Data and their Access Control Using Dominance
Authors
Affiliations
1 Department of Computer Science, Maharaja Ganga Singh University, Bikaner, Rajasthan, IN
2 Department of Microbiology, Maharaja Ganga Singh University, Bikaner, Rajasthan, IN
Source
International Journal of System & Software Engineering, Vol 3, No 2 (2015), Pagination: 14-18
Abstract
Inheritance is used for reusability in an object-oriented programming language. Complete reusability is not possible with the simple inheritance process. On inheriting a parent class, the child does not get complete access to the inherited data. Only an instance of the values of the inherited data is accessible to the child class, and this is true even for public data. The present communication is a concept paper in which a special inheritance method has been conceptualised. This proposed method is called backward accessibility inheritance. Once inherited, a public data item of the parent class can be shared by the child class in every sense. This way the inherited data item can be truly reused by the child class in terms of memory space, name and value. To control the accessibility of the data during backward accessibility inheritance, the concept of dominance has also been introduced.
Keywords
Inheritance, Object Oriented Programming, Backward Accessibility, Dominance.