Database Security

• Communication is typically unencrypted, therefore restrict it beyond the firewall.
• Enforce database level security
  • Create database users
  • Grant access for specific objects and actions (SELECT, INSERT, DELETE, UPDATE)
• Use separate users and permissions for web and maintenance access.
• Careful where you store the database access passwords (client applications)
• Keep in mind statistical attacks

• PreviousPassword Authentication
• Contents
• NextApplication Security

 Last change: Friday, July 4, 2003 3:03 pm
 Unless otherwise expressly stated, all original material on this page created by Diomidis Spinellis is licensed under a Creative Commons Attribution-Share Alike 3.0 Greece License.