Attack methodology Analysis: SQL Injection Attacks and Their Applicability to Control Systems Metadata
Metadata describes a digital item, providing (if known) such information as creator, publisher, contents, size, relationship to other resources, and more. Metadata may also contain "preservation" components that help us to maintain the integrity of digital files over time.
Title
- Main Title Attack methodology Analysis: SQL Injection Attacks and Their Applicability to Control Systems
Creator
-
Author: Rolston, BriCreator Type: Personal
Contributor
-
Sponsor: United States. Office of the Assistant Secretary for Nuclear Energy.Contributor Type: OrganizationContributor Info: DOE - NE
Publisher
-
Name: Idaho National LaboratoryPlace of Publication: [Idaho Falls, Idaho]Additional Info: Idaho National Laboratory (INL)
Date
- Creation: 2005-09-01
Language
- English
Description
- Content Description: Database applications have become a core component in control systems and their associated record keeping utilities. Traditional security models attempt to secure systems by isolating core software components and concentrating security efforts against threats specific to those computers or software components. Database security within control systems follows these models by using generally independent systems that rely on one another for proper functionality. The high level of reliance between the two systems creates an expanded threat surface. To understand the scope of a threat surface, all segments of the control system, with an emphasis on entry points, must be examined. The communication link between data and decision layers is the primary attack surface for SQL injection. This paper facilitates understanding what SQL injection is and why it is a significant threat to control system environments.
Subject
- Keyword: Sql
- Keyword: Database Exploit
- Keyword: Database
- Keyword: Computers
- Keyword: Communications
- Keyword: Sql Injection
- STI Subject Categories: 24 - Power Transmission And Distribution
- Keyword: Security Database
- Keyword: Control Systems
Collection
-
Name: Office of Scientific & Technical Information Technical ReportsCode: OSTI
Institution
-
Name: UNT Libraries Government Documents DepartmentCode: UNTGD
Resource Type
- Report
Format
- Text
Identifier
- Report No.: INL/EXT-05-00572
- Grant Number: DE-AC07-99ID-13727
- DOI: 10.2172/911631
- Office of Scientific & Technical Information Report Number: 911631
- Archival Resource Key: ark:/67531/metadc891443