Exploring injection prevention technologies for security-aware distributed collaborative manufacturing on the Semantic Web

Security is one of the key challenges for the development of distributed collaborative manufacturing systems. Most of the access control models of collaborative systems cannot prevent illegal accesses to column/row levels of a database table, which could be caused by command injection. This paper firstly presents the possible injection attacks in RDBMS -based collaborative system on the Semantic Web and gives their classification. Based on this classification, the paper then describes an attempt at detecting command injections to the distributed collaborative manufacturing systems by comparing the inputs related nodes that are intended with the resulting parse tree in run time. To validate the proposed approach, a prototype system called “ SemGuard ” has been developed. By testing on two commonly used RDF databases and one real Semantic Web application, it shows that SemGuard is efficient, taking less than 10 ms overhead to protect the context information of a distributed collaborative manufacturing system.