Stack Overflow
Stack Overflow

Questions tagged [database-security]

218 questions
1
vote
1 answer

Providing anonymity between database tables

I have a MySQL table containing names, email addresses etc. for users (table 1). I also want another table (table 2) in which data generated by the user, but intended to be anonymous (such as workplace reviews), are stored. In the event of someone…
Rob
  • 128
  • 1
  • 7
  • 29
1
vote
1 answer

List role users as a standard user

Normal user can not , because of insufficient privileges , list database users that belong to a certain role. Execute as does not seem to work (in a stored procedure). Listing only returns current user. My question: How can I have a normal user…
user763539
  • 3,509
  • 6
  • 44
  • 103
1
vote
1 answer

Get a document name based in the rules

I'm searching to add a rule in my Firestore database. The rule is to allow write documents if the document equal the request.auth.uid. I don't know how to search the name of my document in the rules. This is my code where is missing this part…
Jéwôm'
  • 3,753
  • 5
  • 40
  • 73
1
vote
1 answer

what is the difference between creating a profile and a policy to restrict a user in Oracle?

Taking a course on Oracle database security, I have learned profiles are being created to restrict access of some users to some resources.On the other hand, we have functions and policies, which can restrict users too, but I cannot clear the…
shirin
  • 152
  • 1
  • 14
1
vote
1 answer

Connecting to an encrypted database after changing encryption key in OrientDB

I am new to OrientDB and working on database encryption. Can anyone please guide me about followings: How to encrypt database in OrientDB? and more importantly, can we execute quires on the encrypted database? I tried to enable AES encryption but…
usamakhanzada
  • 11
  • 1
  • 1
1
vote
1 answer

SQL SERVER Is an account with execute, read, write permission more or less the same thing as a db owner?

Is there a difference between having db_owner vs having execute/read/write permissions granted? Is it safer, or no difference at all? Are there any considerations to be taken into account when deciding between one or the other?
user7792598
  • 177
  • 1
  • 6
  • 17
1
vote
2 answers

Failed assembly deploy due to non-matching SIDs

Database names and logins are anonymized in what follows. There are some answers on SO that are similar to this situation, but not exactly the same, hence my question. Attempting to deploy an assembly to production database FOO_PROD fails with…
Joe
  • 965
  • 11
  • 16
1
vote
0 answers

Do I need to register my SSL certificate in IIS and SQL Server?

I have purchased an SSL certificate and installed it using IIS on my remote system. So I can therefore access my remote system using https://myremotesite.co.uk. All is fine, it seems to work; users can register and login to my remote site and…
Richard Hammond
  • 105
  • 8
1
vote
2 answers

How do I secure the data in my winform's SQL 2005 Express database?

I have a c# winform application that uses SQL 2005 Express. The application creates math and reading quizzes and is marketed to parents of school-aged children. The parents purchase and download SQL files containing quizzes from my website and…
Frederick
  • 213
  • 1
  • 5
  • 14
1
vote
1 answer

Grant privilege to role with admin option Vs Grant role to user with admin option?

I am little confused between following two CASES, though I know the result but I am not very convinced with the reason behind it. Need help from database experts. (Say) A role ROLE1 is created along with USER1 and USER2 by dba connect /as…
user1612078
  • 555
  • 1
  • 7
  • 22
1
vote
1 answer

Database Security in Winform application

I developed a Winforms application with SQL Server 2008 R2 database for one my friends. When I deployed & installed it on my friend's PC; software clearly shows database file. If he open that file in SQL Server, then he can able to watch my SQL…
user3260083
  • 11
  • 2
1
vote
1 answer

should I create a separate table for password and usernames?

hello am wondering if it's better to store the usernames and passwords in a separate table if I used hashing? also is there any link to read more about databases security I have read about hashing and rainbow tables thanks here is someone's opinion…
Mohammad Istanboli
  • 755
  • 1
  • 8
  • 19
1
vote
0 answers

Granting scripts access to postgres schema

My team has created a Postgres database and I'm trying to work on some security concerns. Quick background: We are moving from an Oracle DB to Postgres DB. With Oracle we used multiple db to store data that is concidered sensitive when placed…
Baylock
  • 11
  • 4
1
vote
1 answer

How to make a table and/or database accessible to service accounts only? SQL Server 2012

I am trying to establish a very secure table(s). As a matter of fact, I prefer the same settings to apply to all tables within the database. Basically, this database would contain sensitive information: PersonID, CreditCard, Names, Address,…
LearnByReading
  • 1,813
  • 4
  • 21
  • 43
1
vote
2 answers

How to set DENY permissions on a data user

For a .net application we can store database connectionstrings like so I am trying to get as little as permissions as possible but there always seems to be a different way. To get info. I am using the…
Filling The Stack is What I DO
  • 6,553
  • 14
  • 54
  • 86
1 2 3
14 15