Stack Overflow
Stack Overflow

Questions tagged [database-security]

218 questions
0
votes
1 answer

How to add and improve security for Oracle 11g Database which is open open publicly?

I just inherited a legacy ERP system on my new job which has Oracle 11g database. ERP is based on Java and Oracle forms. It is so old that it needs IE to run and a specific JRE 8.121 requirement. So with the current system, users can access the ERP…
Sicnarf
  • 5
  • 3
0
votes
1 answer

Postgresql client authentication issue

I am struggling with the postgresql's access control file pg_hba.conf... it's never happy, and all I want to do is straight forward: A) Allow access to ALL from localhost B) Allow access to ALL from 10.8.0.* (VPN) C) Deny ALL remaining I've read the…
CoolStraw
  • 5,282
  • 8
  • 42
  • 64
0
votes
1 answer

Clarification on Oracle DB Audit Configuration - Settings

I have read information regarding audit configuration of in Oracle 12c, however, looking for some clarification. Some information I read led to some confusion. The audit config I am reviewing has the following settings: audit_sys_operations TRUE …
Roger B.
  • 1
0
votes
1 answer

Global Audit Table in SQL Server

While looking at some tables in my schema, it occured to me if I could create a global audit table, which might contain some information on DML entries on all tables. I'd like to store 'Table name', 'Modifier', 'Row Update/Insert/Delete query',…
user2338150
  • 479
  • 5
  • 14
0
votes
1 answer

View and table security conflict resolution

I have a SQL Server 2017 instance with 5 databases on it. A, B, C, D, E. Database A holds nothing but schemas and views. There is one schema for each of the subsequent databases on the instance (A, B, C, D, E) and each schema has 50 - 150 views it…
SSISPissesMeOff
  • 412
  • 1
  • 5
  • 15
0
votes
1 answer

How to restrict access to users to a specific schema?

I am trying to grant users access to a specific schema. What this means is they will be able to access objects in a specific schema and create/alter/manage objects only in that specific schema. have tried executing below code but that looks like it…
Vardhan
  • 402
  • 5
  • 13
0
votes
0 answers

Is it overkill to encrypt an SSN before inserting into a database that is encrypted with TDE?

Our database is encrypted with TDE (Transparent Data Encryption). All the data in the database is encrypted. But when you access the database (e.g. SQL Server Management Studio) when logged in as an approved user on the domain, you do not see…
Johnny Tisdale
  • 139
  • 10
0
votes
0 answers

How to manage MySQL connections in a microservices architecture

I have the gist of how to connect to a MySQL server, however my dilemma is using passwords. Here are some of the things I am looking at. Architecture will be 1 core service which as of right now will be set up as a digest authentication service.…
Maxs728
  • 591
  • 2
  • 8
  • 18
0
votes
1 answer

Always encrypted feature in SQL Server - how to protect certificate?

I've got on the same computer (Win server 2012 R2 Datacenter) a web app being built on ASP.NET and a SQL Server 2017. Goal is to secure sensitive data on the database in case someone gains access to this computer. I've used Always Encrypted feature…
DrMad
  • 11
  • 1
0
votes
0 answers

SQL Server Trace Files Filling Up Agent Drive

Background: SQL Compliance Manager is collecting files on an Agent Server to audit and once the trace files collect on the Agent the Compliance Manager agent service account moves these files to the Collection Server folder, processes them and…
AK37
  • 33
  • 6
0
votes
2 answers

SQL Server 2008 R2 : restrict server login from seeing all but 2 databases on server

On my server that is hosting SQL Server 2008 R2, I open SSMS and under Security -> Logins there is a login named "SomeLoginName". When I log in to the server with this login, I am able to see all of the databases on the server. I would like to…
Gharbad The Weak
  • 1,541
  • 1
  • 17
  • 39
0
votes
0 answers

How to secure database access on firestore?

I am working on a hospital project where each doctor must have access to his/her patient's documents and his/her own documents only. Here is my current db structure: I will give doctors, their passwords by hand. So that's why, I am thinking about…
No N
  • 151
  • 2
  • 11
0
votes
1 answer

Securing the contents of a .sql file

So, I'm done backing-up my database file, but as we all know, the contents of a .sql file can be modified using notepad or notepad++, I am looking for any suggestions on how to secure it (like with a password maybe?), so not anyone could modify its…
GenesisTepait
  • 63
  • 1
  • 10
0
votes
1 answer

Python tests to functions relying on a MySQL user and connetion

I am writing a Python test class with methods relying on a connection to a MySQL database. The purpose of the test class is to test another class used for simplifying interaction with the same database. The interaction is managed through pymysql…
GSEL
  • 51
  • 1
  • 2
  • 8
0
votes
0 answers

Data encrypting safetly

I developed MVC.NET Core 2 web application for my customer. I used .NET Framework Core and MS SQL Server 2017 Express. I have table in database: CREATE TABLE [dbo].[AppUser]( [Id] [bigint] IDENTITY(1,1) NOT NULL, [LoginName] [nvarchar](250)…
Davecz
  • 1,199
  • 3
  • 19
  • 43
1 2 3
14 15