Web Databse Best Practices

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Web Databse Best Practices

Message

From

07/09/2005 16:45:14

Mark Holmes
Raleigh, North Carolina, United States

All

General information

Forum:

ASP.NET

Category:

Security

Title:

Web Databse Best Practices

Environment versions

Environment:

VB.NET 1.1

OS:

Windows Server 2003

Network:

Windows 2003 Server

Database:

Oracle

Miscellaneous

Thread ID:

01047506

Message ID:

01047506

Views:

I'm researching the "Best Practices" for connecting and securing a public web database. Consider the following:
Web app will be .Net. Database is Sybase 12.5.3 running on Solaris.
The company requires a web server | DMZ | database server topology.

The discussion is between keeping the authentications on a server in the DMZ and having a trusted connection to the db server or having the db server authenticate the users.

One group believes authentications in the DMZ will prevent users from hitting the backend. The other group believes it a waste of time because the database will need to authentication them anyways.

Could you point me to published articles on the subject?

Thank you,

Mark W. Holmes

Software engineers are trained to read and understand code; they are not trained in mind reading. Document the purpose not just the functionality.

Map

View

Click here to load this message in the networking platform