ATE467970T1 - Eingabe- und ausgabe-validierung zum schutze von datenbank-servern - Google Patents

Eingabe- und ausgabe-validierung zum schutze von datenbank-servern

Info

Publication number
ATE467970T1
ATE467970T1 AT07290990T AT07290990T ATE467970T1 AT E467970 T1 ATE467970 T1 AT E467970T1 AT 07290990 T AT07290990 T AT 07290990T AT 07290990 T AT07290990 T AT 07290990T AT E467970 T1 ATE467970 T1 AT E467970T1
Authority
AT
Austria
Prior art keywords
input
handler
service
database servers
computer
Prior art date
Application number
AT07290990T
Other languages
English (en)
Inventor
Azzedine Benameur
Khoury Paul El
Original Assignee
Sap Ag
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sap Ag filed Critical Sap Ag
Application granted granted Critical
Publication of ATE467970T1 publication Critical patent/ATE467970T1/de

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer And Data Communications (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Maintenance And Management Of Digital Transmission (AREA)
AT07290990T 2007-08-09 2007-08-09 Eingabe- und ausgabe-validierung zum schutze von datenbank-servern ATE467970T1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP07290990A EP2023569B1 (de) 2007-08-09 2007-08-09 Eingabe- und Ausgabe-Validierung zum Schutze von Datenbank-Servern

Publications (1)

Publication Number Publication Date
ATE467970T1 true ATE467970T1 (de) 2010-05-15

Family

ID=38835022

Family Applications (1)

Application Number Title Priority Date Filing Date
AT07290990T ATE467970T1 (de) 2007-08-09 2007-08-09 Eingabe- und ausgabe-validierung zum schutze von datenbank-servern

Country Status (4)

Country Link
US (1) US20090044271A1 (de)
EP (1) EP2023569B1 (de)
AT (1) ATE467970T1 (de)
DE (1) DE602007006475D1 (de)

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101877696B (zh) * 2009-04-30 2014-01-08 国际商业机器公司 在网络应用环境下重构错误响应信息的设备和方法
US9026580B2 (en) * 2009-11-20 2015-05-05 Microsoft Technology Licensing, Llc Validation pipeline
US20120017200A1 (en) * 2010-07-16 2012-01-19 Fujitsu Limited Solving Hybrid Constraints to Validate a Security Software Module for Detecting Injection Attacks
US8572574B2 (en) 2010-07-16 2013-10-29 Fujitsu Limited Solving hybrid constraints to validate specification requirements of a software module
US9118713B2 (en) * 2011-09-26 2015-08-25 The Board Of Trustees Of The University Of Illinois System and a method for automatically detecting security vulnerabilities in client-server applications
US9317715B2 (en) 2012-08-24 2016-04-19 Sap Se Data protection compliant deletion of personally identifiable information
US9465837B1 (en) * 2012-10-15 2016-10-11 Google Inc. Processing data requests for a schemaless datastore in accordance with constraint information
WO2015021555A1 (en) * 2013-08-15 2015-02-19 Immun.io Inc. Method and system to dynamically alter application functionality at runtime in a constrained and secure manner
US20150195395A1 (en) * 2014-01-06 2015-07-09 Desiree Gina McDowell-White Secure Cloud-Based Phonebook
US9811668B2 (en) 2015-04-21 2017-11-07 Sap Se Multi-context exploit test management
US10447730B2 (en) 2015-05-15 2019-10-15 Virsec Systems, Inc. Detection of SQL injection attacks
US10693901B1 (en) * 2015-10-28 2020-06-23 Jpmorgan Chase Bank, N.A. Techniques for application security
US11816483B2 (en) 2017-12-29 2023-11-14 Intel Corporation Systems, methods, and apparatuses for matrix operations
US11789729B2 (en) 2017-12-29 2023-10-17 Intel Corporation Systems and methods for computing dot products of nibbles in two tile operands
US11093247B2 (en) 2017-12-29 2021-08-17 Intel Corporation Systems and methods to load a tile register pair
US11809869B2 (en) * 2017-12-29 2023-11-07 Intel Corporation Systems and methods to store a tile register pair to memory
US11023235B2 (en) 2017-12-29 2021-06-01 Intel Corporation Systems and methods to zero a tile register pair
US11669326B2 (en) 2017-12-29 2023-06-06 Intel Corporation Systems, methods, and apparatuses for dot product operations
US11750624B2 (en) 2018-06-22 2023-09-05 Vmware, Inc. Statistical approach for augmenting signature detection in web application firewall
US11201855B1 (en) 2018-06-22 2021-12-14 Vmware, Inc. Distributed firewall that learns from traffic patterns to prevent attacks
CN112199668B (zh) * 2020-09-01 2024-03-01 中国科学院信息工程研究所 一种检测容器中应用层消耗CPU的DoS攻击的方法和装置
US11934393B2 (en) * 2021-01-12 2024-03-19 Sap Se Input validation API using machine learning and database input validation framework
CN115314255B (zh) * 2022-07-11 2023-12-29 深信服科技股份有限公司 攻击结果的检测方法、装置、计算机设备和存储介质
CN120217418B (zh) * 2025-05-30 2025-09-19 云筑信息科技(成都)有限公司 一种基于服务网格实现通用数据加密的方法

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5848393A (en) * 1995-12-15 1998-12-08 Ncr Corporation "What if . . . " function for simulating operations within a task workflow management system
US7904454B2 (en) 2001-07-16 2011-03-08 International Business Machines Corporation Database access security
EP1296252B1 (de) 2001-09-21 2007-08-01 Koninklijke KPN N.V. Computersystem, Datenübertragungsnetz, Computerprogramm und Datenträger, alle zur Filterung von einen Inhalt gemäss einer Markierungssprache einschliessenden Nachrichten
US7568229B1 (en) * 2003-07-01 2009-07-28 Symantec Corporation Real-time training for a computer code intrusion detection system
US7487149B2 (en) * 2004-03-10 2009-02-03 Oracle International Corporation Method and apparatus for providing query-level security in a database system
US7831995B2 (en) * 2004-10-29 2010-11-09 CORE, SDI, Inc. Establishing and enforcing security and privacy policies in web-based applications
WO2006074201A2 (en) * 2005-01-04 2006-07-13 Breach Security A system to enable detecting attacks within encrypted traffic
US7558796B1 (en) * 2005-05-19 2009-07-07 Symantec Corporation Determining origins of queries for a database intrusion detection system
JP2007004685A (ja) * 2005-06-27 2007-01-11 Hitachi Ltd 通信情報監視装置
US7774361B1 (en) * 2005-07-08 2010-08-10 Symantec Corporation Effective aggregation and presentation of database intrusion incidents
US8347392B2 (en) * 2005-08-25 2013-01-01 Hewlett-Packard Development Company, L.P. Apparatus and method for analyzing and supplementing a program to provide security
US20070136809A1 (en) * 2005-12-08 2007-06-14 Kim Hwan K Apparatus and method for blocking attack against Web application
GB0525871D0 (en) * 2005-12-20 2006-02-01 Symbian Software Ltd Malicious software detecting in a computing device
US20070157311A1 (en) * 2005-12-29 2007-07-05 Microsoft Corporation Security modeling and the application life cycle
US7934253B2 (en) * 2006-07-20 2011-04-26 Trustwave Holdings, Inc. System and method of securing web applications across an enterprise
US8631147B2 (en) * 2007-03-12 2014-01-14 Citrix Systems, Inc. Systems and methods for configuring policy bank invocations
US8051486B2 (en) * 2007-05-24 2011-11-01 Oracle International Corporation Indicating SQL injection attack vulnerability with a stored value

Also Published As

Publication number Publication date
DE602007006475D1 (de) 2010-06-24
EP2023569B1 (de) 2010-05-12
EP2023569A1 (de) 2009-02-11
US20090044271A1 (en) 2009-02-12

Similar Documents

Publication Publication Date Title
ATE467970T1 (de) Eingabe- und ausgabe-validierung zum schutze von datenbank-servern
SG160308A1 (en) System and method for using customer information in electronic commerce
CN110599095B (zh) 基于区块链网络的危废处理方法及区块链网络的节点
WO2020259629A1 (zh) 一种基于区块链的数据检验方法及装置
BR0317783A (pt) Método de interagir com um serviço definido por esquema por meio de um dispositivo terminal em uma rede, dispositivo terminal, produto de programa de computador, e, servidor
GB2491751A (en) Method of optimizing the interaction between a software application and a database server or other kind of remote data source
DE602004005050D1 (de) Verfahren, vorrichtung und computerprogramm zum verarbeiten einer warteschlange von nachrichten
WO2002027529A3 (en) Enterprise web mining system and method
EP2235635A4 (de) Verteiltes sicherungs- und abrufsystem
TW200625140A (en) RFID server internals design
WO2005015441A3 (en) Dynamic meta data
WO2008088722A3 (en) Querying data and an associated ontology in a database management system
WO2008073359A3 (en) Systems and methods for source document management in clinical trials
WO2008125508A3 (en) Managing entity data in case of multiple entity identities
WO2006104581A3 (en) Gaming device network managing system and method
EP4462274A3 (de) Verfahren und system zur erzeugung von schnell durchsuchbaren veränderten daten in einer datenbank
WO2007087454A3 (en) Audiovisual systems and methods of presenting audiovisual content
CN110795387B (zh) 一种数据导入方法、数据导出方法、装置及数据处理系统
CN104580211A (zh) 一种基于soa架构的侵入式系统
PL1484696T3 (pl) Proces optymalizacji linku odsyłającego do innej strony sieciowej
GB0509904D0 (en) Method, apparatus and computer program for facilitating communication between a client application and a server application
ATE551648T1 (de) System und verfahren für eine allgemeine integration einer datenbank in einen hochverfügbarkeitscluster
CN107276967A (zh) 一种分布式系统及其登录验证方法
WO2009158406A8 (en) Methods and systems for increasing protein food safety
GB2604771A (en) Event log tamper resistance

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties