SQL Injection: A Demonstration and Implications for Accounting Students
Document Type
Article
Digital Object Identifier (DOI)
10.3194/1935-8156-11.1.1
Journal Title
AIS Educator Journal
Publication Date
2016
Abstract
The purpose of this paper is to present a pedagogical case that demonstrates how a prevalent cybersecurity threat, SQL Injection (SQLi), operates. Prompted by questions from students such as: “How do cybersecurity threats work?” and “What specific actions can organizations take to mitigate cybersecurity threats?”, this paper demonstrates the technical inner-working of SQLi. Students first answer background questions on SQLi and then simulate SQLi in both a Microsoft Access and web-based environment.
Publisher Statement
The AIS Educator Association sponsors the AIS Educator Journal, a peer-reviewed outlet for scholarship that benefits accounting information systems (AIS) education. The AIS Educator Journal is online and open access (freely available to the public).
© 2016 AIS Educator Association
Recommended Citation
Henderson, David, Michael Lapke, and Christopher Garcia. 2016. “SQL Injection: A Demonstration and Implications for Accounting Students.” AIS Educator Journal 11 (1): 1–8. https://doi.org/10.3194/1935-8156-11.1.1.
Comments
Additional issues of the AIS Educator Journal can be viewed at: https://meridian.allenpress.com/aisej/issue.