![]() | Only 14 pages are availabe for public view |
Abstract Automating our life is the most important goal these days for governments, organizations, public service corporations, etc. This includes the automation of our paper transactions. Organizations these days, invest huge amount of money in developing computer applications to automate their daily transactions inside and outside the organization. Computer applications tend to digitize all types of data. Digitizing data facilitates sharing and accessing data. Computer applications use databases to store data. They use DataBase Management Systems (DBMSs) to manage, manipulate and facilitate accessing data for users of the organization. DBMSs are also used to ensure that privacy policies of the organization are committed. This means that DBMSs must restrict the access of users to their authorized resources only and protect data from anomalous behaviors of users. Due to the valuable data stored in databases, an enormous number of attacks on databases has been observed in the last two decades. These attacks come from both internal and external users. Internal users use their authorities to attack databases by issuing Structured Query Language (SQL) injections. External users hack network systems and log in as legitimate users to access unauthorized resources of database. They also use web applications to inject malicious queries to attack back-end database. |