Theses and Dissertations Collection

Structured Query Language injection attacks still remain one of the most commonly occurring and exploited types of web application vulnerabilities. A considerable amount of research concerning Structured Query Language injection attacks mitigation techniques has found that the primary solution requires developers to utilize secure development techniques. However, the standard practice for many current web applications, including web application coding tutorials, does not implement well-known secure design principles or secure development techniques.

Because most websites do not use secure development techniques or do not apply them correctly, within the last ten or so years , hundreds of millions of private data records have been compromised in high-profile data breaches, resulting in billions of dollars in economic losses and unrecoverable privacy losses. One commonality of the data breaches is the standard practice, in a web application, for the front-end and middleware processes to have root privileges to the complete database management system. This practice is in stark opposition to the well-known secure design principle of least privilege introduced 40 years ago. Enforcing least privilege at all levels of a web application would help prevent and mitigate future data breaches.

This dissertation describes a systematic, semi-automated, formal and repeatable process for converting a web application and its corresponding back-end database from a non-least privilege implementation into a least privilege implementation. The steps needed for this redesign and semi-automated refactoring process are explained through the use of two case studies. Case study one is based on the SEED Labs Structured Query Language injection attack web application. Case study two is based on the OWASP Mutillidae II web application. Each case study also describes the formal access control model and associated toolset used to aid and partially automate this systematic conversion.

The evaluation of the results suggests that this novel process is effective at modeling web applications security policies, as well as mitigating and preventing attacks. With the help of the modeling and automation capabilities provided by this approach and associated toolset, least-privilege-based web application hardening may be implemented by web developers on current and new web applications regardless of their knowledge of secure design principles. This novel systematic modeling approach shows great promise toward helping web developers better understand the security model of web applications. Furthermore, the associated toolset may lead to further automating the web application hardening process through the application of the principle of least privilege.