The Open Software Engineering Journal

2008, 2 : 45-54
Published online 2008 December 31. DOI: 10.2174/1874107X00802010045
Publisher ID: TOSEJ-2-45

Data Validation, Data Neutralization, Data Footprint: A Framework Against Injection Attack

Guy-Vincent Jourdan
School of Information Technology and Engineering, University of Ottawa, 800 King Edward Avenue, Ottawa, Ontario, Canada, K1N 6N5.

ABSTRACT

Untrusted data validation is an important part of software security, yet most current validation techniques fall short in two ways: they are impractical for validating data in large-scale, real-life applications, and they do not clearly identify the different goals of handling untrusted data securely. In this paper, we clarify the different, independent problems that “data validation” should solve, and we provide a clear and detailed three-step process for data validation: a “data validation” step to protect the application itself against malicious users, a “data neutralization” step to protect other applications from malicious users of the application, and a “data footprint” step to protect against attacks on future, unforeseen components that will be connected to the application.