System and method for internet security
US8578487B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Nov 4, 2010 |
| Grant date | Nov 5, 2013 |
| Priority date | — |
| Expiry date | Sep 17, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/6227
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A computer implemented method for preventing SQL injection attacks comprises intercepting a web request associated with a web service at a first software hook in a first web service execution context, persisting at least a portion of the intercepted web request in a storage location associated with the first software hook and accessible to at least one additional execution context, intercepting a database query generated by at least one web service processing operation at a second software hook associated with the execution of the query, wherein the query is generated in response to the intercepted web request and the second hook retrieves the persisted portion of the intercepted web request, comparing a portion of the persisted portion of the intercepted web request with at least a portion of the intercepted database query, and determining, prior to the query being executed, whether the query corresponds to a potential SQL injection attack.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.