Methods of Safe Processing of User-Entered Information in Information Systems
The paper delves into the critical importance of information security, particularly in user input processing tools, within the contemporary. It highlights the exponential growth of data types and volumes in information systems, emphasizing the consequent rise in vulnerabilities exploited by attacker...
| Main authors: | Govorova, S. V.; Ishchenko, T.; Khatsukova, A.; Melnikov, S. V.; Govorov, E. Y. |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Springer Science and Business Media Deutschland GmbH, 2024 |
| Topics: | |
| Online link: | https://dspace.ncfu.ru/handle/123456789/29303 |
| id | ir-123456789-29303 |
|---|---|
| record_format | dspace |
| spelling | ir-123456789-29303 2024-12-04T11:51:38Z Methods of Safe Processing of User-Entered Information in Information Systems Govorova, S. V. Говорова, С. В. Ishchenko, T. Ищенко, Т. Khatsukova, A. Хацукова, А. Melnikov, S. V. Мельников, С. В. Govorov, E. Y. Говоров, Е. Ю. Cross-site scripting User-entered information Parametrized queries SQL injection Sanitization Validation The paper delves into the critical importance of information security, particularly in user input processing tools, within the contemporary. It highlights the exponential growth of data types and volumes in information systems, emphasizing the consequent rise in vulnerabilities exploited by attackers. Common attack methods like SQL injection, cross-site scripting, and buffer overflow are discussed alongside the risks posed by inadequate user training in information security. The authors analyze the risks that arise when processing data entered by the user. Based on analysis, it is suggested to use comprehensive security measures, including validation, sanitization, and parameterized queries, to counteract these threats. Validation ensures data correctness both client-side and server-side, while sanitization removes invalid characters to prevent attacks. Parameterized queries mitigate SQL injection risks. Recommendations include regular software updates, employee training, and penetration testing to bolster security. The paper underscores the necessity of employing various protection methods to safeguard information systems comprehensively. By integrating multiple layers of defense, organizations can mitigate operational vulnerabilities, prevent unauthorized access, and maintain data integrity, thereby fostering trust among users and stakeholders in the digital realm. 2024-12-04T11:50:18Z 2024-12-04T11:50:18Z 2024 Article Govorova, S., Ishchenko, T., Khatsukova, A., Melnikov, S., Govorov, E. Methods of Safe Processing of User-Entered Information in Information Systems // Lecture Notes in Networks and Systems. - 2024. - 863 LNNS. - pp. 89-96. - DOI: 10.1007/978-3-031-72171-7_9 https://dspace.ncfu.ru/handle/123456789/29303 en Lecture Notes in Networks and Systems application/pdf Springer Science and Business Media Deutschland GmbH |
| institution | North-Caucasus Federal University (СКФУ) |
| collection | Repository |
| language | English |
| topic | Cross-site scripting; User-entered information; Parametrized queries; SQL injection; Sanitization; Validation |
| description | The paper delves into the critical importance of information security, particularly in user input processing tools, within the contemporary. It highlights the exponential growth of data types and volumes in information systems, emphasizing the consequent rise in vulnerabilities exploited by attackers. Common attack methods like SQL injection, cross-site scripting, and buffer overflow are discussed alongside the risks posed by inadequate user training in information security. The authors analyze the risks that arise when processing data entered by the user. Based on analysis, it is suggested to use comprehensive security measures, including validation, sanitization, and parameterized queries, to counteract these threats. Validation ensures data correctness both client-side and server-side, while sanitization removes invalid characters to prevent attacks. Parameterized queries mitigate SQL injection risks. Recommendations include regular software updates, employee training, and penetration testing to bolster security. The paper underscores the necessity of employing various protection methods to safeguard information systems comprehensively. By integrating multiple layers of defense, organizations can mitigate operational vulnerabilities, prevent unauthorized access, and maintain data integrity, thereby fostering trust among users and stakeholders in the digital realm. |
| format | Article |
| author | Govorova, S. V. (Говорова, С. В.); Ishchenko, T. (Ищенко, Т.); Khatsukova, A. (Хацукова, А.); Melnikov, S. V. (Мельников, С. В.); Govorov, E. Y. (Говоров, Е. Ю.) |
| title | Methods of Safe Processing of User-Entered Information in Information Systems |
| publisher | Springer Science and Business Media Deutschland GmbH |
| publishDate | 2024 |
| url | https://dspace.ncfu.ru/handle/123456789/29303 |