Proposing SQL Statement Coverage Metrics



== 3. Coverage Criteria ==
We define two criteria for input validation testing coverage. Because client-side input validation can be bypassed by attackers <sup>[7]</sup>, we measure coverage only for server-side code. The following basic terms are used to define the input validation coverage criteria.
* Target statement: A target statement (within our context) is a SQL statement that could cause a security problem when malicious input is used. For example, consider the statement
  java.sql.Statement.executeQuery(String sql)
A SQL injection attack can happen when an attacker passes maliciously devised input to such a statement, as explained in Section 2. Let '''T''' be the set of all the SQL statements in an application.
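The following is an added illustration of what makes a statement in '''T''' a target statement; it is not code from the paper. It uses Python's standard sqlite3 module in place of the Java API named above (cursor.execute plays the role of executeQuery), and the table, its three rows and the hostile input string are constructed for the example. The first lookup assembles its SQL text from untrusted input and is therefore a target statement; the second binds the input as a parameter, so the statement text is fixed. The last function is the kind of check an input validation test would apply to each member of '''T''' to decide whether it is actually affected by hostile input.

```python
import sqlite3

# Constructed hostile input: a tautology that only matters if it is spliced
# into the SQL text rather than bound as a value.
HOSTILE_INPUT = "x' OR 'a'='a"


def make_db():
    """Build a constructed in-memory users table for the example."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    conn.commit()
    return conn


def find_user_dynamic(conn, name):
    """Target statement: the SQL text is built from untrusted input."""
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def find_user_bound(conn, name):
    """Hardened counterpart: fixed statement text, input bound as a parameter."""
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


def hostile_input_changes_result(conn, lookup):
    """Test oracle for a statement in T.

    An exact-match lookup for a name that does not exist must return no rows.
    If the hostile string instead returns rows, the input reached the SQL
    parser and the statement behaves as a target statement.
    """
    return len(lookup(conn, HOSTILE_INPUT)) > 0


if __name__ == "__main__":
    db = make_db()
    for fn in (find_user_dynamic, find_user_bound):
        print(fn.__name__, "target:", hostile_input_changes_result(db, fn))
```

Run stand-alone, the script reports the dynamic lookup as a target statement and the bound lookup as not; both return the same rows for ordinary input such as "bob", which is why the target property is only visible when the test exercises the statement with hostile input.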


== 9. References ==