Пропуск в контексте
Methods of Safe Processing of User-Entered Information in Information Systems

Methods of Safe Processing of User-Entered Information in Information Systems

The paper delves into the critical importance of information security, particularly in user input processing tools, within the contemporary. It highlights the exponential growth of data types and volumes in information systems, emphasizing the consequent rise in vulnerabilities exploited by attacker...

Полное описание

Сохранить в:
Библиографические подробности
Главные авторы: Govorova, S. V., Говорова, С. В., Ishchenko, T., Ищенко, Т., Khatsukova, A., Хацукова, А., Melnikov, S. V., Мельников, С. В., Govorov, E. Y., Говоров, Е. Ю.
Формат: Статья
Язык:English
Опубликовано: Springer Science and Business Media Deutschland GmbH 2024
Темы:
Cross-site scripting
User-entered information
Parametrized queries
SQL injection
Sanitization
Validation
Online-ссылка:https://dspace.ncfu.ru/handle/123456789/29303
Метки: Добавить метку
Нет меток, Требуется 1-ая метка записи!
Описание
Краткое описание:The paper delves into the critical importance of information security, particularly in user input processing tools, within the contemporary. It highlights the exponential growth of data types and volumes in information systems, emphasizing the consequent rise in vulnerabilities exploited by attackers. Common attack methods like SQL injection, cross-site scripting, and buffer over-flow are discussed alongside the risks posed by inadequate user training in information security. The authors analyze the risks that arise when processing data entered by the user. Based on analysis, it is suggested to use comprehensive security measures, including validation, sanitization, and parameterized queries, to counteract these threats. Validation ensures data correctness both client-side and server-side, while sanitization removes invalid characters to prevent attacks. Parameterized queries mitigate SQL injection risks. Recommendations include regular software updates, employee training, and penetration testing to bolster security. Paper underscores the necessity of employing various protection methods to safeguard information systems comprehensively. By integrating multiple layers of defense, organizations can mitigate operational vulnerabilities, prevent unauthorized access, and maintain data integrity, thereby fostering trust among users and stakeholders in the digital realm.

Схожие документы