|
December, 2006
In
This Issue
|
|
All articles have been reprinted with the written consent of their respective authors. | ||||||||||||||||
|
||||||||||||||||
|
Enterprise Data Security – A Case Study This article is a case study about an Enterprise Data Security project including the strategy that addresses key areas of focus for database security encompassing all major RDBMS platforms. It presents the current state of database security tools and processes, the current needs of a typical enterprise, and a plan for evolving the data security. This strategy will help set direction for the blueprint of data security and provide a composite high level view of data security policies and procedures for the purpose of satisfying growing regulatory and compliance requirements and develop high level timeline and for all steps of development. This article presents a three steps strategy to address current outstanding audit concerns and positioning to more readily address the evolving regulatory landscape. Click here for the article.
| ||||||||||||||||
|
||||||||||||||||
|
On Conditional Compilation What is PL/SQL conditional compilation, how does it work, and how can I learn more about it? Oracle Database 10g has been groundbreaking when it comes to the world of PL/SQL development, most notably in the evolution of the PL/SQL compiler. This PL/SQL Practices column focuses on the Oracle Database 10g Release 2 feature known as conditional compilation. Oracle Database 10g Release 1 offered an optimizing compiler and compile-time warnings. The PL/SQL optimizer automatically transforms code so that it can run more efficiently (this optimizer is different from the cost-based optimizer, which Oracle Database uses to optimize the execution of SQL statements). Oracle estimates that you can expect to see your PL/SQL statements execute, on average, in half the time they took in earlier versions of Oracle Database. (Note that the PL/SQL compiler affects only PL/SQL statements, not SQL statements, within your programs). Click here for the article.
|
||||||||||||||||
|
||||||||||||||||
|
Transaction Isolation Levels Locking is a tradeoff between concurrency and the amount of resources available. In most transaction processing systems you try to have as few concurrency problems as you can because the obvious job of your system is to collect data. It is difficult to predict all different types of concurrency problems that an application might have; however, some of them are fairly common. Often concurrency problems can be resolved by better application design or improving the logical and physical database models. However, many times redesigning the application is not an option - you only have an opportunity to tune the transactions and locking on the database code level. Click here to see the topic.
In A Nutshell
Interested in learning more tips and techniques for SQL Server? "In A Nutshell"
is what you are looking for. Kevin Kline,
author of O'Reilly's "SQL in a Nutshell" and "Transact-SQL Programming" and President of The Professional Association for SQL Server,
offers tips, techniques and much more. Updated numerous times a week,
there is always valuable material to be had!
Click
here
to see what Kevin is up to in the SQL Server world. | ||||||||||||||||
|
||||||||||||||||
|
Protecting MySQL Sessions With SSH Port Forwarding (Part 1) Security should be a major component of any application you develop. You should consider application security when designing and implementing your application. In a previous article I described how to avoid making your application vulnerable to SQL injection. In this article I will describe how to protect your application from outside interference between the client and server by employing the port forwarding capabilities of SSH. When the mysql client communicates with the MySQL® server, all communication (with the exception of the user password) is done in plain text. The same holds true for the MyODBC driver and all software communicating through it. What this means is that if an unscrupulous individual gets between your client and the server, they can have full access to all information transmitted. In order to protect your information you need to encrypt communications between the MySQL server and the client application, whether it be the mysql client or a MyODBC application. SSH can be used to encrypt communications between the client and server. This is known as SSH tunneling and is actually quite simple to use. One benefit of SSH tunneling is that it allows us to connect to a MySQL server from behind a firewall when the MySQL server port is blocked. Many hosting companies that provide MySQL hosting will block access to the MySQL server from outside the hosting company’s network, and only grant access to users connecting from localhost. As long as the company provides SSH access, you can still connect through port forwarding.
Click here to see this article. | ||||||||||||||||
|
||||||||||||||||
Projects don't always go through an organized sequence of planning, approval and execution. Sometimes a project is in various stages of planning, approval and execution. Before you know it, you can be executing the project and find that team members and stakeholders have varying levels of understanding about the purpose and status of the project. The purpose of the kickoff meeting is to formally notify all stakeholders that the project has begun and make sure everyone has a common understanding of the project and their roles. The kickoff meeting is a time to get all the team members, clients and stakeholders together and formally set the stage for the start of the project. Like all formal meetings, there should be an agenda. There are a number of specific things you want to cover at this meeting.
Click
here for more information on project kickoff meetings. | ||||||||||||||||
|
||||||||||||||||
|
Webcasts
| ||||||||||||||||
|
||||||||||||||||
|
||||||||||||||||
|
||||||||||||||||
|
Interactive Crossword
Puzzle: "The Grinch"
|
||||||||||||||||
|
||||||||||||||||
|
We love getting white papers, tips, articles, and code examples/archives from our readers around the world. Send your submission to newsletter@quest-pipelines.com. If your article is published, it will be mailed to over 28,000 subscribers. Our mission at Quest Software - RevealNet Labs is to anticipate the daily responsibilities and challenges faced by database professionals. Our products help thousands of people solve problems and implement solutions every day. This newsletter is designed to help facilitate the sharing of information among database professionals. About the Newsletter This newsletter is distributed to Quest Software - RevealNet Labs customers, prospects and friends who have subscribed to it from our website. If you would like to unsubscribe, please visit http://qlist01.quest.com/UnsubMailingList/ Subscribe a Friend! Do you know someone who would like to receive the Pipeline Newsletter? If so, please enter their email address in the box below and click SUBMIT.
Past Issues of the Pipeline Newsletter |
||||||||||||||||
