SENTINEL: securing database from logic flaws in web applications

Abstract

Logic flaws within web applications allow the attackers to disclose or tamper sensitive information stored in back-end databases, since the web application usually acts as the single trusted user that interacts with the database. In this paper, we model the web application as an extended finite state machine and present a black-box approach for deriving the… (More)
DOI: 10.1145/2133601.2133605

Topics

10 Figures and Tables

Cite this paper

@inproceedings{Li2012SENTINELSD, title={SENTINEL: securing database from logic flaws in web applications}, author={Xiaowei Li and Wei Yan and Yuan Xue}, booktitle={CODASPY}, year={2012} }