Physical Sciences and Mathematics Commons^™

Authentication And Sql-Injection Prevention Techniques In Web Applications, Cagri Cetin

USF Tampa Graduate Theses and Dissertations

This dissertation addresses the top two “most critical web-application security risks” by combining two high-level contributions.

The first high-level contribution introduces and evaluates collaborative authentication, or coauthentication, a single-factor technique in which multiple registered devices work together to authenticate a user. Coauthentication provides security benefits similar to those of multi-factor techniques, such as mitigating theft of any one authentication secret, without some of the inconveniences of multi-factor techniques, such as having to enter passwords or biometrics. Coauthentication provides additional security benefits, including: preventing phishing, replay, and man-in-the-middle attacks; basing authentications on high-entropy secrets that can be generated and updated automatically; …