Browse > Article
http://dx.doi.org/10.3745/KTCCS.2015.4.3.97

Design of the MS-SQL Password Vulnerability Checking Function Using OLE Remote Connection  

Jang, Seung Ju (동의대학교 컴퓨터공학과)
Publication Information
KIPS Transactions on Computer and Communication Systems / v.4, no.3, 2015 , pp. 97-104 More about this Journal
Abstract
This paper will feature designs for security vulnerability based on MS-SQL Database and OLE connectivity by checking the MS-SQL database password policy, the user account password access attempts, a user without password, and password does not be changed for a period of time. This paper uses the MS-SQL database and C++ linkage in order to use the OLE DB function. The design module should judge presence or absence of security vulnerability by checking database password policy, the user account password access attempts, a user without password, password does not be changed for a period of time. The MS-SQL database password associated with a feature, judging from the many features allows you to check for security vulnerability. This paper strengthen the security of the MS-SQL database by taking the advantage of the proposed ability.
Keywords
Vulnerability; MS-SQL Database; Password Vulnerability; Password Checking; OLE Remote Connection;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Charlie Osborne, "The Top Ten Most Common Database Security Vulnerabilities," http://www.zdnet.com/the-top-ten-most-common-database-security-vulnerabilities-7000017320/
2 Vulnerability Analysis Quality Assurance DB database, http://www.dqc.or.kr/guideline/6-7-0.html
3 Jin-Seong Jeong, "A Study on the Composition of a Secure Database," 2013.
4 SQL Server Password Policy (http://technet.microsoft.com/ko-kr/library/ms161959(v=sql.105).aspx)
5 Tae-Young Kim, "about OLE DB," http://www.taeyo.pe.kr/lecture/9_Board2001/Board2001_02.htm
6 Yu-Kyung Kim, Seung-Cheol Sin, Jun-Seon Ahn, Wook-Sae Lee, Eun-Young Lee, and Hwan-Su Han, "Case study of software security vulnerabilities database," Journal of Information Science, Vol.28, No.2, pp.20-31, Feb., 2010.
7 Dong-Jin Kin, Dong-Woo Seo, Wan-Seok Lee, and Seong-Je Cho, "An Efficient Vulnerability Management System for Utilization of New Information Technologies-related Security Vulnerabilities," Korea Information Science Society Conference 2010 Korea Computer, Vol.37, No.2(B), pp.66-71, 2010.
8 Ji-Hong Kim, Huy-Kang Kim, "Automated Attack Path Enumeration Method based on System Vulnerabilities Analysis," Institute of Information Security, Vol.22, No.5, pp.1079-1090, Oct., 2010.
9 Hyun-A Park, Dong-Hoon Lee, and Taik-Yeong Chung, "Comperhensive Study on Security and Privacy Requirements for Retrieval System over Encrypted Database," Institute of Information Security, Vol.22, No.3, pp.621-635, 2012.
10 Seung-Ju Jang, Sung-Jin Kim "A Study of the Specific IP Vulnerability for the Oracle System", The Comprehensive Winter Conference of Korea Information and Communications Society, pp.392-394, 2014.
11 Woo-Seok Seo, Moon-Seog Jun, "The Management and Security Plans of a Separated Virtualization Infringement Type Learning Database Using VM(Virtual Machine)," Korea Information and Communications Society, Vol.36, No.8, pp.947-953, 2011.   DOI   ScienceOn
12 Seoung-Min Lee, Joon-Seok Oh, and Jin-Young Choi, "Comparative analysis on potential error-possibility and security vulnerability in software," Korea Information Science Society Conference 2010 Korea Computer, Vol.37, No.1(D), pp.106-109, 2010.
13 Cheon-Shik Kim, Hyoung-Joong Kim, and You-Sik Hong, "Technique of Range Query in Encrypted Database," Journal of the Institute of Electronics Engineers-CI, Vol.45, No.3, pp.22-30, May, 2008.