{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-8499170","patent":{"patent_number":"US-8499170","title":"SQL injection prevention","assignee":null,"inventors":[],"filing_date":"2008-10-08T00:00:00.000Z","publication_date":"2013-07-30T00:00:00.000Z","cpc_codes":["G06F","G06F","G06F"],"num_claims":34,"abstract":"Hackers and other malicious users are prevented from injecting harmful SQL into a database and from retrieving confidential data. SQL statements formed by an application in response to user input (e.g., user Id and password), are scanned and compared to patterns of SQL commands and data embodied in one or more anti-SQL injection policies. If there is a match, the SQL statement is in violation of the policy. A severity level of the violation may be checked, for example, it may be determined whether the violation is critical or non-critical (normal). Different actions are taken depending on the severity of the violation. If the violation is critical, the SQL statement is dropped and the administrator is notified immediately and a trace of the violation is provided. If the violation is not critical, the data is retrieved and is compared against data in a confidential data registry. If any of the data is found to be confidential, that data is encrypted and then sent to the hacker. The hacker is not able to use or read the encrypted confidential data."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"SQL injection prevention","description":"Hackers and other malicious users are prevented from injecting harmful SQL into a database and from retrieving confidential data. SQL statements formed by an application in response to user input (e.g","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-8499170","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-8499170","citation_suggestion":"Patentable. \"SQL injection prevention\" (US-8499170). https://patentable.app/patents/US-8499170","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-8499170","json":"https://patentable.app/api/llm-context/US-8499170","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-30T18:03:43.619Z"}