andrewbb

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 15 total)

RE: How to hide stored procedures from user?

Eric M Russell (10/5/2015)
Ideally, each application or user account should be a member of a role, and the only additional permissions for each role should be execution on only the...

October 5, 2015 at 11:08 am

#1831480
RE: How to hide stored procedures from user?

EdVassie (10/5/2015)
If you think that hiding objects will make your system more secure then you are wrong. At best it will give you a warm fuzzy feeling of security,...

October 5, 2015 at 10:48 am

#1831472
RE: President Xi's and President Obama's agreement to curb economic cyberspying.

Jeff Moden (9/27/2015)
andrewbb (9/27/2015)
Jeff Moden (9/27/2015)
There are two problems with you're good solutions, IMHO...
1. They're usage is not enforceable.
2. They only address a small part of the problem.
It...

September 27, 2015 at 6:14 pm

#1829776
RE: How to hide stored procedures from user?

This line of thinking is good. Table structure IS a security risk.
It is good to see some thinking back towards solid n-tier design principles:
Tables
Stored Procedures
Data Access
Business Logical Classes
Application

September 27, 2015 at 1:31 pm

#1829767
RE: President Xi's and President Obama's agreement to curb economic cyberspying.

Jeff Moden (9/27/2015)
There are two problems with you're good solutions, IMHO...
1. They're usage is not enforceable.
2. They only address a small part of the problem.
It is a significant...

September 27, 2015 at 12:16 pm

#1829764
RE: How to hide stored procedures from user?

This is one feature of System.Persistence, right out of the box.

September 26, 2015 at 2:06 pm

#1829713
RE: Data access and security standards committee/convention/agency in Texas?

Texas Technology Commission?

September 11, 2015 at 10:18 pm

#1826186
RE: Data access and security standards committee/convention/agency in Texas?

Here's the letter:
September 9, 2015
Texas State Capitol
1100 Congress Ave.
Austin, Texas 78701
Dear Sirs and Madams,
The attached 3 plans are public information and ready for immediate dissemination and implementation:
1.A standard public...

September 11, 2015 at 10:17 pm

#1826185
RE: Fool-proof access to a database for security

Jayanth_Kurup (9/9/2015)
If your looking for comments on the code behind
try catch block and validations come to min.
At database side date format and timezone info could be useful.
You could use...

September 10, 2015 at 8:32 pm

#1825872
RE: Data access and security standards committee/convention/agency in Texas?

I forwarded the simplicity of data access to the House and Senate at the state Capitol in Texas. We will see what happens.

September 8, 2015 at 7:15 pm

#1825307
RE: Data access and security standards committee/convention/agency in Texas?

I walked the idea around the capitol for a couple of days last week. Trying again in the morning tomorrow.

September 8, 2015 at 12:46 am

#1825047
RE: Fool-proof access to a database for security

The Persistence.DLL and some useful SQL Server SPs/Function are attached.

September 8, 2015 at 12:38 am

#1825046
RE: Fool-proof access to a database for security

Request for comments, I suppose.

September 8, 2015 at 12:04 am

#1825044
RE: Application Development for SQL Server

You might have a look at my thread:
http://www.sqlservercentral.com/Forums/Topic1717648-2799-1.aspx
I can send you the Persistence.dll. It makes things much easier.

September 8, 2015 at 12:01 am

#1825043
RE: What if we locked down all databases to a single interface?

I think it's a first step. It makes it idiot-proof.
While not applicable every situation, it does handle 90+% of all applications. Since the userID would be the first...

August 30, 2015 at 11:35 am

#1823267

Viewing 15 posts - 1 through 15 (of 15 total)