Techniques for Securing Data Exchange between a Database Server and a Client Program

The goal of the presented work is to illustrate a method by which the data exchange between a standalone computer software and a shared database server can be protected of unauthorized interceptation of the traffic in Internet network, a transport network for data managed by those two systems, interceptation by which an attacker could gain illegetimate access to the database, threatening this way the data integrity and compromising the database.Comment: 6 pages, exposed on 5th International Conference "Actualities and Perspectives on Hardware and Software" - APHS2009, Timisoara, Romani

S-Store: Streaming Meets Transaction Processing

Stream processing addresses the needs of real-time applications. Transaction processing addresses the coordination and safety of short atomic computations. Heretofore, these two modes of operation existed in separate, stove-piped systems. In this work, we attempt to fuse the two computational paradigms in a single system called S-Store. In this way, S-Store can simultaneously accommodate OLTP and streaming applications. We present a simple transaction model for streams that integrates seamlessly with a traditional OLTP system. We chose to build S-Store as an extension of H-Store, an open-source, in-memory, distributed OLTP database system. By implementing S-Store in this way, we can make use of the transaction processing facilities that H-Store already supports, and we can concentrate on the additional implementation features that are needed to support streaming. Similar implementations could be done using other main-memory OLTP platforms. We show that we can actually achieve higher throughput for streaming workloads in S-Store than an equivalent deployment in H-Store alone. We also show how this can be achieved within H-Store with the addition of a modest amount of new functionality. Furthermore, we compare S-Store to two state-of-the-art streaming systems, Spark Streaming and Storm, and show how S-Store matches and sometimes exceeds their performance while providing stronger transactional guarantees

An Analysis of Various Methods to Identify Web Based Applications Vulnerabilities

Recently Web based applications takes a noteworthy palace in people’s daily routine furthermore as in progress of nation’s different domains as well. Web based applications have undergone a reasonably express improvement within the last few decades and their appreciation is moving faster than that was predictable few years ago. Presently, huge volumes of transactions are prepared online using various Web based applications. Even though these Webs based applications are utilized by a lot of people, in some cases the defense level is vulnerable, and that compiles them prone to obtain negotiation. In most of the eventualities, a client has to be recognized previous to any contact is set upped with the backend data. A precipitate client shouldn't be permitted entrée to the scheme without legal credentials. However, a crafted injection query provides illegal entrée to illegal clients. This is regularly accomplished via SQL Injection input. In spite of the occurrence of dissimilar procedures to discover and avoid SQL injection, still there stays a shocking threat into Web based applications. While working on this paper, we studied and did analysis on various manners of SQL Injection vulnerabilities, different types of assaults, and their recognition and avoidance techniques. Flanking we present our assessment of this analysis. We also clarified future research direction for probabilities and possible expansion of challenge proceedings against different web application attacks. Keywords: Vulnerability, SQL injection, XSS, Web based application, WWW, ID

Optimizing Anti-Phishing Solutions Based on User Awareness, Education and the Use of the Latest Web Security Solutions

Phishing has grown significantly in volume over the time, becoming the most usual web threat today. The present economic crisis is an added argument for the great increase in number of attempts to cheat internet users, both businesses and private ones. The present research is aimed at helping the IT environment get a more precise view over the phishing attacks in Romania; in order to achieve this goal we have designed an application able to retrieve and interpret phishing related data from five other trusted web sources and compile them into a meaningful and more targeted report. As a conclusion, besides making available regular reports, we underline the need for a higher degree of awareness related to this issue.Security, Phishing, Ev-SSL, Security Solutions

Leveraging Synergy Between Database and Programming Language Courses

Undergraduate courses in database systems and programming languages are frequently taught without much overlap. This paper argues that there is a substantial benefit to emphasizing some areas of commonality, both old and new, between the two subjects. Examples of cross-fertilization that may be used to enhance one of both of the courses include query language design and implementation, object-relational mapping, transactional memory, and various aspects of the recent NoSQL movement