Question

In: Computer Science

7. (a) Do you think application-level authentication is superior to operating system authentication? Explain. (b) Discuss...

7. (a) Do you think application-level authentication is superior to operating system authentication? Explain. (b) Discuss how a SQL injection attack works. (c) Differentiate between in-band and out-of-band SQL injection attacks.

Solutions

Expert Solution

7.

(a) The operating system, authentication can be exploited by a hacker using an exploit, so it makes it more vulnerable and exploitable but in application-level authentication authenticated access to a server is needed so having an exploit, doesn't make much of a difference. That's why application-level authentication is more reliable and secure and thus superior.

(b) SQL injection attacks is one of the most common web hacking technique. a successful SQL injection attack can give hackers unauthorized access to sensitive data like passwords.user information.

hacker finds a vulnerability in the SQL code of the webpage input and can exploit it by placing malicious code in the SQL statement.

example. suppose a website has a field for input of user ID, and a user put input like 100 OR 2=2

UserID = 100 OR 2 = 2

SELECT * FROM Users WHERE UserID = 100 OR 1=1;

then the SQL query will return information as the condition is true.

(C).

In-band SQL injection out-of-band SQL injection

In-band SQL injection is a very common type of SQL injection.

same communication channel for both attack and gather result.

It can be done by exploit error messages in web pages with SQL injection.

it can be done using union operators (SQL UNION) and inserting SQL commands.

Out-of-band SQL injection is a very rare type of SQL injection.

It is rare because it depends on features on the server-side which are enabled and being used by the webpage.

the communication channel is different, so can't use same channel to attack and gather results.

The channel through which request is made has to be consistent.


Related Solutions

Discuss which mobile operating system you prefer and explain why. Why do you believe or don't...
Discuss which mobile operating system you prefer and explain why. Why do you believe or don't believe -- that the Google Android OS has the current market share majority?
application that uses linux operating system amd justify the linux operating system. provide a suitable application...
application that uses linux operating system amd justify the linux operating system. provide a suitable application that uses linux os and justify the usage of linux os in the considered application.
a.)    What do you understand by the term system automation? b.)    Why do you think that automation is...
a.)    What do you understand by the term system automation? b.)    Why do you think that automation is important in our day to day activities – discuss c.)     There is the fear that automation will replace human activities resulting in unemployment. Do you align with this assertion? Support you claim with relevant points d.)    What is the difference between robotics and automation?
what do you think about Epocrates application?
what do you think about Epocrates application?
What do you think are some system-level changes the healthcare system can adopt to address health...
What do you think are some system-level changes the healthcare system can adopt to address health literacy?
Discuss precedent and how it is used in our legal system. Do you think it is...
Discuss precedent and how it is used in our legal system. Do you think it is the correct system? Is there a better way? Use any examples you feel help make your case. Please read your classmates answers and comment on 1 other students answers. As always, be respectful. Is it better to have predictable answers or ever changing legal answers?
The operating system provides an interface between application programs and the computer hardware. Discuss the process...
The operating system provides an interface between application programs and the computer hardware. Discuss the process of the execution of any application program on the hardware using all managers of the operating system.
The operating system provides an interface between application programs and the computer hardware. Discuss the process...
The operating system provides an interface between application programs and the computer hardware. Discuss the process of the execution of any application program on the hardware using all managers of the operating system.
The operating system provides an interface between application programs and the computer hardware. Discuss the process...
The operating system provides an interface between application programs and the computer hardware. Discuss the process of the execution of any application program on the hardware using all managers of the operating system.
Why do you think the Windows operating system has been so successful in this market segment?...
Why do you think the Windows operating system has been so successful in this market segment? Why haven't the Mac or Linux operating systems been as successful within the desktop market? What future changes can you expect to see in the Windows, Mac, or Linux operating systems?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT