Proposing an innovative TCS Key as a prevention measure from the SQL injection attacks and vulnerabilities

摘要

Due to the various Web server vulnerabilities and procedure of the inflexibility leads to a Web server script for attacks was increasing. These attacks mostly use ASP or PHP scripting injections. Website rapid expansion based on both ASP and PHP are also slowly becomes the mainstream. Attacks through SQL injection use the insert harmful character in their attack technology. The attacker using input data legitimacy detection not strictly or not detection characteristics, deliberately in a different way from client submit special code to manipulate data, thus collection procedures and server information, obtain the desired information. In this paper, we are proposing a new interface of the user login page and a methodology of generating the secret key. That will improves the security system of the websites have important or confidential information of the users like banks, reservation system, etc.