Fork: 0
INFO202 / labs
Transfer to URL with SHA Find file
Newer
Older
labs / tiddlywiki / tiddlers / content / labs / lab13 / _Labs_13_Introduction.md
@Mark George Mark George on 2 Oct 2020 608 bytes Added HTTPS section to lab 13
Raw Blame History 
Last week, we worked on finding and fixing security flaws in the web application.  This week we will do the same with the database.  We need to address the following problems:

   * Use transport encryption to secure data as it travels over the network.
   * Use accounts with appropriate privileges to connect to and run the SQL statements on the database.
   * Check our JDBC DAOs for SQL injections.
   * Check our JDBC DAOs for dangerous use of the `merge` statement.
   * Encrypt the database files.
   * Using transport encryption to secure JDBC operations.
   * Salt and hash the customer's passwords.