Collaborate Disseminate
I want to optimize my SQL queries, which run too slow on my production DB.
To do this efficiently, I was suggested to give access to the SQL developer.
The information on the DB is commercially sensitive.
So I thought about… Continue reading How can I create a dummy DB for developer? (original has many tables and values like decimal int text)
I am not sure if this is correct place to ask this question. I am building a software where user can verify his profile background like legal background, defaulter in loan etc.
I believe it is public data that government is … Continue reading People Data API [on hold]
For a GDPR (EU General Data Protection Regulation) implementation, I need to encrypt some personal information. There are two ways we can encrypt the data:
Let the web application have the sole responsibility of encrypting and decrypting… Continue reading Data Encryption by Application vs Data Encryption in Database
I am currently looking for an existing implementation method to generate logging of accesses and of usage of a series of MySQL databases by developers (not services) for further auditing. My current estimate is that all traff… Continue reading How can I log access and usage of a MySQL database?
I need advice what database i should use, for my client and server infrastructure, it must be intended to save a small amount of users data. Voldemort which is a database designed by LinkedIn, and MariaDB whos preprocessor is… Continue reading Voldemort vs MariaDB [on hold]
I’m a bit new to coding backend services. And I’m not sure how to solve this problem.
So users in an iOS app can be authenticated with Cognito and afterwards gain the rights to invoke lambda functions that connect to an RDS … Continue reading Is AWS Cognito vulnerable to MITM when using iOS with Lambda and RDS
Assuming I implement the literal SQL-injection on an HTTP endpoint with a read-only user that limits execution time to e.g. some amount of seconds. What’s the worst that could happen? I know simple attacks could be just flood… Continue reading What kinds of attacks are possible with credentials to a read-only Postgres user?
A traditional database holds the data in each column and then has a relational ID to tie that row to a parent (e.g. a user’s ID) so it can be found in a query.
Taking the same scenario but this time E2E is in place, is the … Continue reading How is end-to-end encrypted data stored in a database?
I work for a government agency, and we’ve been requested via a freedom of information request for the layout of the tables of one of our systems, a data dictionary and schema design request.
What are the dangers in sharing t… Continue reading Security concerns in disseminating database design?
I would like to (1-way) anonymise some bounded, numeric data attributes (e.g. age, optimistically bounded by 0 and 200), whilst still retaining the ability to use the resulting data in an index for database queries such as X … Continue reading How to anonymise a numeric data attribute, whilst preserving indexability?