A WEB-APPLICATION QUALITY ASSESSMENT MODEL BASED ON SQL-INJECTION VULNERABILITY DETECTION
- Р Р‡.МессенРТвЂВВВВВВВВжер
- РћРТвЂВВВВВВВВнокласснРСвЂВВВВВВВВРєРСвЂВВВВВВВВ
- LiveJournal
- Telegram
- ВКонтакте
- РЎРєРѕРїРСвЂВВВВВВВВровать ссылку
Full Text:
Abstract
A way of SQL-injection vulnerability detection based on static code analysis is discussed. A web-application internal quality model based on the results of automated detection of SQL-injection vulnerabilities is given. Practical results of applying the quality model to real-world web-applications are presented.
About the Authors
D. E. Onoshko
Белорусский государственный университет информатики и радиоэлектроники
Belarus
Belarus
V. V. Bakhtizin
Белорусский государственный университет информатики и радиоэлектроники
Belarus
Belarus
References
1. OWASP Top 10-2013. The Ten Most Critical Web Application Security Risks. [Elektronnyi resurs]. - Rezhim dostupa: http://owasptop10.googlecode.com/files/OWASP Top 10 - 2013.pdf. - Data dostupa: 31.10.2013.
2. ISO/IEC 25010:2011. Sistemnaya i programmnaya inzheneriya. Trebovaniya k kachestvu i otsenka programmnogo produkta (SQuaRE). Modeli kachestva sistem i programmnykh sredstv.
3. Bakhtizin V.V. Glukhova L.A., Neborskii S.N. Metrologiya, standartizatsiya i sertifikatsiya v informatsionnykh tekhnologiyakh. Minsk, 2013.
4. GOST 28195-99. Otsenka kachestva programmnykh sredstv. Obshchie polozheniya.
5. Bakhtizin V.V., Glukhova L.A. Standartizatsiya i sertifikatsiya programmnogo obespecheniya. Minsk, 2006.
Review
For citations:
Onoshko D.E., Bakhtizin V.V. A WEB-APPLICATION QUALITY ASSESSMENT MODEL BASED ON SQL-INJECTION VULNERABILITY DETECTION. Doklady BGUIR. 2016;(3):37-43. (In Russ.)
Views:
522
ISSN 1729-7648 (Print)
ISSN 2708-0382 (Online)
ISSN 2708-0382 (Online)
Email this article 