We present a practical protection mechanism against SQL injection attacks. Such attacks target databases that are accessible through a web front-end, and take advantage of flaws in the input validation logic of Web components such as CGI scripts. We apply the concept of instruction-set randomization to SQL, creating instances of the language that are unpredictable to the attacker. Queries injected by the attacker will be caught and terminated by the database parser. We show how to use this technique with the MySQL database using an intermediary proxy that translates the random SQL to its standard language. Our mechanism imposes negligible performance overhead to query processing and can be easily retrofitted to existing systems.
18 Sep
Posted by jj as Database
O*NET, the Occupational Information Network, is replacing the Dictionary of Occupational Titles (DOT) as a source of occupational information. O*NET is a database—not a book, like the DOT. This database has the qualities of both an interactive library and a language.
Serving as a library for information on the working world, O*NET allows everyone to access data on job characteristics and worker attributes. It includes information on the knowledge, skills, abilities, interests, preparation, contexts, and tasks associated with 1,122 O*NET occupations.
The ASPIRA Association web site provides its users the capability to create “virtual communities”, which allow interaction among like-minded individuals. The building blocks for establishing this interactivity are called “groups”.
What are groups and what function do they have?
Groups are a collection of users who can share access to protected resources and tools. A group enables users with permissions (ASPIRA Staff members) to create and manage their own groups. ASPIRA Official groups are created by the webmaster, who has special permissions including the ability to delete the group the owner created.
Everybody who wants to install a web server database but does not know which software is necessary and how it is installed should benefit from reading this text. This text provides all information necessary to get a SQL database for a web server going; it does not go into any detail of CGI programming, nor does it explain the SQL database language. Excellent books are available on both topics, and it is the intention of this text to provide a working platform based on which a user can then study CGI programming and SQL. For getting a small scale SQL system running (not the notorious example of a major airline booking system, or space mission management database) it will be sufficient to have the software described in this text and the documentation accompanying it. The user manual of msql (a database introduced in this text) provides sufficient information on SQL for building your own database.
This document guides you through the installation of the Postfix mail transfer agent (MTA) and the Cyrus IMAP server. The goal is a fully functional, high-performance mail system with user administration through Web-cyradm, a web interface. Data such as virtual users, aliases, etc. are stored in a MySQL database.
Web 2.0 is a buzzword we have been hearing for over 2 years. According to Wikipedia, it hints at an improved form of the World Wide Web built on technologies such as weblogs, social bookmarking, RSS feeds, and photo and video sharing, and based on an architecture of participation and democracy that encourages users to add value to the application as they use it. Web 2.0 enables social networking on the Web by allowing users to contribute content, share it, rate it, create a network of friends, and decide what they like to see and how they want it to look.
The Oracle Academy’s Hosted Database offering provides web-enabled access to an Oracle database for schools that have experienced IT staff to teach database fundamentals using their own curriculum. Using Oracle’s HTML DB web interface, schools harness the power of the Oracle database to teach students relational database concepts. Because this service is hosted by Oracle, there is no need to install or maintain any hardware or software.
21 Oct
Posted by jj as Database, SQL Server
This IBM® Redpaper gives an example of procedures to restore Microsoft® SQL 2000 and 2005 using SnapManager®. The options discussed depend on the type of disaster, the type of data recovery, and the type of system to which the disaster applies.