I am working on a site that has some sensitive user information. Can anyone point me to resource that discusses the weaknesses in the system from a security perspective? Is there any best practice security information available regarding locking down access to the database, encrypting the connection string, other preventative measures etc?
I would like to know information regarding, for instance, if it is possible to only allow a write to a db field (e.g. a member phone number) but it is not possible to read back out that information from the DB.
If there are any DBA's out there with security/testing experience please let me know for a potential (paid) involvement in the project.
DB security issues
I am working on a site that has some sensitive user information. Can anyone point me to resource that discusses the weaknesses in the system from a security perspective? Is there any best practice security information available regarding locking down access to the database, encrypting the connection string, other preventative measures etc?
I would like to know information regarding, for instance, if it is possible to only allow a write to a db field (e.g. a member phone number) but it is not possible to read back out that information from the DB.
If there are any DBA's out there with security/testing experience please let me know for a potential (paid) involvement in the project.
is working on a reply...