Towards Secure SPARQL Queries in Semantic Web Applications using PHP (Extended Version)
This addresses security vulnerabilities for PHP developers working on Semantic Web applications, though it appears incremental as it applies known attacks to a specific domain.
The paper investigated SPARQL/SPARUL injection attacks on Semantic Web applications built with PHP, quantifying their impacts on data confidentiality, integrity, and availability breaches.
The Semantic Web (SW) is a significant advancement in the field of Internet technologies and an uncharted territory as far as security is concerned. In this paper we investigate and assess the impact of known attacks of SPARQL/SPARUL injections on Semantic Web applications developed in PHP. We highlight future challenges of developing robust Semantic Web applications using PHP. Our results demonstrate and quantify impacts on Confidentiality, Integrity and Availability (CIA) breaches of data in Semantic Web applications. Our recommendations are targeted to PHP developers, to encourage them to integrate security as early in their design and coding practice as possible.