Database Security
Database security concerns the use of a broad range of information security controls to protect databases against compromises of their confidentiality, integrity and availability. It involves various types or categories of controls, such as technical, procedural or administrative, and physical. Security risks to database systems include, for example:
* Unauthorized or unintended activity or misuse by authorized database users, database administrators, or network/systems managers, or by unauthorized users or hackers (e.g. inappropriate access to sensitive data, metadata or functions within databases, or inappropriate changes to the database programs, structures or security configurations);
* Malware infections causing incidents such as unauthorized access, leakage or disclosure of personal or proprietary data, deletion of or damage to the data or programs, interruption or denial of authorized access to the database, attacks on other systems and the unanticipated failure of databa ...
Privilege Escalation
Privilege escalation is the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application or user with more privileges than intended by the programmer, application developer or system administrator can perform unauthorized actions.
Background
Most computer systems are designed for use with multiple user accounts, each of which has abilities known as privileges. Common privileges include viewing and editing files or modifying system files. Privilege escalation means users receive privileges they are not entitled to. These privileges can be used to delete files, view private information, or install unwanted programs such as viruses. It usually occurs whe ...
Patch (computing)
A patch is data that is intended to be used to modify an existing software resource such as a program or a file, often to fix bugs and security vulnerabilities. A patch may be created to improve functionality, usability, or performance. A patch is typically provided by a vendor for updating the software that they provide. A patch may be created manually, but commonly it is created via a tool that compares two versions of the resource and generates data that can be used to transform one to the other. Typically, a patch needs to be applied to the specific version of the resource it is intended to modify, although there are exceptions. Some patching tools can detect the version of the existing resource and apply the appropriate patch, even if it supports multiple versions. As more patches are released, their cumulative size can grow significantly, sometimes exceeding the size of the resource ...
Database Forensics
Database forensics is a branch of digital forensic science relating to the forensic study of databases and their related metadata. The discipline is similar to computer forensics, following the normal forensic process and applying investigative techniques to database contents and metadata. Cached information may also exist in a server's RAM, requiring live analysis techniques. A forensic examination of a database may relate to the timestamps that apply to the update time of a row in a relational table being inspected and tested for validity in order to verify the actions of a database user. Alternatively, a forensic examination may focus on identifying transactions within a database system or application that indicate evidence of wrongdoing, such as fraud. Software tools can be used to manipulate and analyse data. These tools also provide audit logging capabilities which provide documented proof of what tasks or analysis a forensic examiner performed on the database. As of 200 ...
Replication (computer Science)
Replication in computing refers to maintaining multiple copies of data, processes, or resources to ensure consistency across redundant components. This fundamental technique spans databases, file systems, and distributed systems, serving to improve availability, fault-tolerance, accessibility, and performance. Through replication, systems can continue operating when components fail (failover), serve requests from geographically distributed locations, and balance load across multiple machines. The challenge lies in maintaining consistency between replicas while managing the fundamental tradeoffs between data consistency, system availability, and network partition tolerance – constraints known as the CAP theorem.
Terminology
Replication in computing can refer to:
* ''Data replication'', where the same data is stored on multiple storage devices
* ''Computation ...
IT Disaster Recovery
IT disaster recovery (also simply disaster recovery (DR)) is the process of maintaining or reestablishing vital infrastructure and systems following a natural or human-induced disaster, such as a storm or battle. DR employs policies, tools, and procedures with a focus on IT systems supporting critical business functions. This involves keeping all essential aspects of a business functioning despite significant disruptive events; it can therefore be considered a subset of business continuity (BC). DR assumes that the primary site is not immediately recoverable and restores data and services to a secondary site.
IT service continuity
IT service continuity (ITSC) is a subset of BCP, which relies on the metrics (frequently used as key risk indicators) of recovery point/time objectives. It encompasses IT disaster recovery planning and the wider IT resilience planning. It also incorporates IT infrastructure and services related to communications, such as telephony and data communi ...
Two-factor Authentication
Multi-factor authentication (MFA; two-factor authentication, or 2FA) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more distinct types of evidence (or factors) to an authentication mechanism. MFA protects personal data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password. Usage of MFA has increased in recent years. Security issues which can cause the bypass of MFA are fatigue attacks, phishing and SIM swapping. Accounts with MFA enabled are significantly less likely to be compromised.
Authentication factors
Authentication takes place when someone tries to log into a computer resource (such as a computer network, device, or application). The resource requires ...
Database Audit
Database auditing involves observing a database to be aware of the actions of database users. Database administrators and consultants often set up auditing for security purposes, for example, to ensure that those without the permission to access information do not access it.
Audit
An audit is an "independent examination of financial information of any entity, whether profit oriented or not, irrespective of its size or legal form when such an examination is conducted with a ...
Database Activity Monitoring
Database activity monitoring (DAM, a.k.a. Enterprise database auditing and Real-time protection) is a database security technology for monitoring and analyzing database activity. DAM may combine data from network-based monitoring and native audit information to provide a comprehensive picture of database activity. The data gathered by DAM is used to analyze and report on database activity, support breach investigations, and alert on anomalies. DAM is typically performed continuously and in real-time. Database activity monitoring and prevention (DAMP) is an extension to DAM that goes beyond monitoring and alerting to also block unauthorized activities. DAM helps businesses address regulatory compliance mandates like the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act (SOX), U.S. government regulations such as NIST 800-53, and EU regulations. DAM is also an important technology for prot ...
Authorization
Authorization or authorisation (see spelling differences), in information security, computer security and IAM (Identity and Access Management), is the function of specifying rights/privileges for accessing resources, in most cases through an access policy, and then deciding whether a particular ''subject'' has privilege to access a particular ''resource''. Examples of ''subjects'' include human users, computer software and other hardware on the computer. Examples of ''resources'' include individual files or an item's data, computer programs, computer devices and functionality provided by computer applications. For example, user accounts for human resources staff are typically configured with authorization for accessing employee records. Authorization is closely related to access control, which is what enforces the authorization policy by d ...
Authentication
Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. Authentication is relevant to multiple fields. In art, antiques, and anthropology, a common problem is verifying that a given artifact was produced by a certain person, or in a certain place (i.e. to assert that it is not counterfeit), or in a given period of history (e.g. by determining the age via carbon dating). In computer science, verifying a user's identity is often required to allow access to confidential data or systems. It might involve validating personal identity documents.
In art, antiques and anthropology
Authentication can be considered to be of three types: The ''first'' type of authentication is accep ...
Application Server
An application server is a server that hosts applications or software that delivers a business application through a communication protocol. For a typical web application, the application server sits behind the web servers. An application server framework is a service layer model. It includes software components available to a software developer through an application programming interface. An application server may have features such as clustering, fail-over, and load-balancing. The goal is for developers to focus on the business logic.
Java application servers
Jakarta EE (formerly Java EE or J2EE) defines the core set of API and features of Java application servers. The Jakarta EE infrastructure is partitioned into logical containers.
* EJB container: Enterprise Beans are used to manage transactions. According to the Java BluePrints, the business logic of an application resides in Enterprise Beans—a modular server component providing many features, including dec ...