This holiday season Packt brings to you attractive discounts on its ebooks. Therefore, in keeping with the festive spirit, we are pleased to announce 30% discount off all Packt eBooks. The offer doesn't end there - on purchases of two or more eBooks you will get 45% off on each eBook.The offer ends on 4th January 2010.Grab your copy NOW!Read Seasonal eBook Offer: Up to 45% off in full
In this tutorial by Christer Edwards, we will look at steps toward encrypting removable media such as USB thumb drives for secure management of personal data. This tutorial will walk the reader through seven steps required toward identifying, formatting and encrypting a removable disk for use as a secure partition.Read Securely Encrypt Removable Media with Ubuntu in full
In this article, by Matjaz B. Juric, author of WS-BPEL 2.0 for SOA Composite Applications with IBM WebSphere 7, we will get familiar with basic security concepts of WebSphere Application Server regarding protection of BPEL processes. We will create and protect a web service export of a BPEL process by user authentication, which requires providing a username and password inside the UsernameToken of the WS-Security specification.Read Securing a BPEL process in full
In the early days of the web, Internet was mostly used for academic purposes. Hence, all communications protocols had very little or no focus on security. The situation started changing as more and more public and commercial services started moving online and common users started actually using Internet in their daily routine. With the increase of user base we see the emerge of the malicious groups of users, the so-called hackers that are focused mostly on information theft and illegal usage. Nowadays it is quite common to be attacked by hacker(s). In fact it is so common and frequent that it is reported that only the USA's cyber attacks generate costs up to 10 billion dollars every year. The purpose of this article is to introduce you to web security while focusing on Moodle.
In this article by Darko Miletić, author of the book Moodle Security, we will cover the following topics:
- Moodle and security
- Weak points
- The secure Moodle installation
- Quickly securing Moodle
For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the richest in features and the most used database in a variety of industries, where security is essential. In this article by Adrian Neagu, author of Oracle 11g Anti-hacker's Cookbook we will learn how to secure data at rest and will cover:
- Using block device encryption
- Using filesystem encryption with eCryptfs
- Using DBMS_CRYPTO for column encryption
- Using Transparent Data Encryption for column encryption
- Using TDE for tablespace encryption
- Using encryption with data pump
- Using encryption with RMAN
(For more resources on Oracle, see here.)Read Securing Data at Rest in Oracle 11g in full
In this article by Satya SK Jayanty, author of the book, Instant SQL Server Analysis Services 2012 Cube Security, explains that a bit of background on leaf members and non-leaf members is necessary to know how the data is managed at cell level.
The cell value in a cube can be obtained in multiple ways; it can be directly retrieved from the fact table of the cube. The identification of a cell value and its members is leaf members that have no child members or hierarchy that reference a single record in a dimension table.
Further on this cell can be identified by using non-leaf members, members that have one or more child members. The cell value is derived (typically) from the aggregation of child members.Read Securing data at the cell level (Intermediate) in full
In this article, by Sharan Oberoi & Amit Sachdev, author of Microsoft Dynamics NAV Administration, we will discuss the NAV Security Architecture including security recommendations and best practices. Securing our applications is of paramount importance these days. Security becomes even more critical when it is our organization's financial data that needs to be protected.
Essentially, there are a few components of securing the Dynamics NAV application. They are as follows:
- Network security
- Hardware security
- SQL database and Classic database security
- Dynamics NAV access—roles, users, logins, and permissions
Celebrate Moodle March with Packt and get exciting discounts and offers on all Moodle books through out this month. For more information click here.
Moodle is an open source CMS (Course Management System) /LMS (Learning Management System) /VLE (Virtual Learning Environment). Its primary purpose is to enable educational institutions and individuals to create and publish learning content in a coherent and pedagogically valuable manner, so that it can be used for successful knowledge transfer towards students.
When we talk about Moodle data we are referring to both the user and the course information and binary files that are within the platform. In this article by Darko Miletic, author of Moodle Security, we will focus our attention to the protection and separation of internal Moodle data between valid platform users. The topics we will cover include:
- User information protection
- Course information protection
In this article by Christer Edwards, we will explore FreeBSD Jails. FreeBSD Jails are a kernel-level security mechanism which allows you to safely segregate processes within a sandbox environment. Jails are commonly used to secure production network services like DNS or Email by restricting what a process can access. In the case of a malicious attack on one service, all other Jailed processes would remain secure. FreeBSD Jails securely limits, in an administratively simple way, the amount of damage an attacker can do to a server.Read Securing Network Services with FreeBSD Jails in full
OpenSSO is the answer to many complexities that have emerged during recent years because of the complexity and dynamicity of the security functionality required for software systems. The complexity in software security increases as a result of the increase in complexity of security requirements of the target business that the software should drive and diversity in the integration between different partner's software systems that collaborate to complete a client request.
In this article by Masoud Kalali, author of GlassFish Security, we will discuss how to go about securing our application using OpenSSO.Read Securing our Applications using OpenSSO in GlassFish Security in full
In this article by Ken Finnigan, Luca Stancapiano and Piergiorgio Lucidi , authors of GateIn Cookbook, we will cover
Securing with JBoss AS
Securing with Tomcat
Choosing the JAAS modules
Creating a login page
In this article by Sudheesh Narayanan, the author of the book Securing Hadoop, we look at the Hadoop ecosystem which consists of various components such as Hive, Oozie, and HBase. We need to secure all the other Hadoop ecosystem components.
In this article, we will look at the each of the ecosystem components and the various security challenges for each of these components, and how to set up secured authentication and user authorization for each of them.Read Securing the Hadoop Ecosystem in full
This article by David Overton covers the process of finishing the network protection and routing setup and configuring the protection of the data on the server. We will cover:
- Configuring the firewall ports
- Configuring and testing backups
- Configuring anti-malware
In this article by Prasenjit Sarkar, author of the book VMware vCloud Security, we will focus on creating access control policies based on logical constructs such as VMware vCenter Server containers and VMware vCloud Networking and Security Security Groups, but not just physical constructs such as IP addresses.Read Securing vCloud Using the vCloud Networking and Security App Firewall in full
The web services model brings into the system unique security challenges because the business data in the form of XML documents may be required to travel across untrusted networks and has the chance of being manipulated by external systems.
Throughout the entire business transaction, different classes of users and systems need access to the entire business transaction. If any part of this chain is compromised, the whole business application deployed as a service will fail. Web services are inherently about how to share the process of computing across a distributed network of systems. Web services' communication channel being XML, messages are text-based, readable, and self describing.Read Securing XML Documents in full
As an information system, JIRA is all about data. It should come as no surprise to you that security plays a big role in JIRA not only to ensure that only the right people get access to the data, but also to maintain data integrity by preventing accidental changes.
By the end of the article by Patrick Li, author of JIRA 4 Essentials, you will have learned:
- How to utilize user management features in JIRA
- About JIRA's permission hierarchy
- About general access control in JIRA
- How to manage fine-grained permission settings
Even though a trixbox system is a phone system, it is still a basic computer system like any other. One of the problems that we face is that extensions and VoIP service providers typically come into the system over the open Internet; this means that certain aspects of our system are wide open to the outside world. During the week that this article was written, several new scripts came out that allowed people to scan machines over the Internet, find systems that are running Asterisk, get the list of available extensions, and then hack the passwords. These tools allow a malicious hacker to get into your system and start making long-distance phone calls. There were numerous instances of companies with phone bills reaching into the thousands and even tens of thousands of dollars. Because of issues like this, it is more imperative than ever that you understand how to properly secure your trixbox server from the outside world. In this article by Kerry Garrison, we will focus on how to secure the trixbox server.Read Securing Your trixbox Server in full
In this article by John Horton, PrestaShop 1.3 Beginner's Guide, we shall:
- Look at ways your shop can be damaged
- Add users, profiles, and permissions to increase security
- Talk about and optionally implement SSL to protect your customers' private information
- Learn how to backup and restore your shop in case everything else fails
- Talk about upgrading PrestaShop and how this helps keep your business secure