BestHub
Sign in
Tag

database security

0 views collected around this technical thread.

IT Xianyu
IT Xianyu
Apr 24, 2025 · Databases

PostgreSQL DBA Guide: Permission Minimization, Log Analysis with pgBadger, and Security Hardening

This tutorial explains why DBAs need security hardening and log analysis, shows how to configure minimal‑privilege roles and precise permissions in PostgreSQL, demonstrates how to detect and revoke redundant privileges, and provides a step‑by‑step guide to installing and using pgBadger for log analysis and automated reporting.

DBAPermission ManagementPostgreSQL
0 likes · 8 min read
PostgreSQL DBA Guide: Permission Minimization, Log Analysis with pgBadger, and Security Hardening
Aikesheng Open Source Community
Aikesheng Open Source Community
Feb 27, 2025 · Information Security

Improving Data Export Workflows and Security: From 1.0 to 2.0 with Classification and Dynamic Approval

This article examines the security challenges of data export work orders in MySQL environments, outlines the shortcomings of the original 1.0 workflow, and presents a comprehensive 2.0 redesign that introduces dynamic approvals, data classification, execution‑plan analysis, and code‑level solutions to mitigate data leakage risks.

Approval WorkflowMySQLSQL parsing
0 likes · 15 min read
Improving Data Export Workflows and Security: From 1.0 to 2.0 with Classification and Dynamic Approval
Tencent Cloud Developer
Tencent Cloud Developer
Jan 14, 2025 · Information Security

Can Database Signatures Prevent Tampering? An Analysis of Financial Risk Controls

The article revisits the debate on tampering with WeChat balances, explaining that joint database signatures can detect but not stop alterations, that risk‑control checks and code safeguards block unauthorized withdrawals, that identity verification prevents cross‑account transfers, and that a layered, real‑time monitoring system is essential for robust fund protection.

SignatureWeChatdatabase security
0 likes · 6 min read
Can Database Signatures Prevent Tampering? An Analysis of Financial Risk Controls
Efficient Ops
Efficient Ops
Nov 26, 2024 · Information Security

When Ops Go Wrong: Real Database Deletion Cases and Their Legal Fallout

This article reviews several high‑profile incidents where operations staff deleted or sabotaged critical databases, detailing the legal consequences, financial losses, and lessons for improving security and operational safeguards.

data loss preventiondatabase securityinformation security
0 likes · 7 min read
When Ops Go Wrong: Real Database Deletion Cases and Their Legal Fallout
Efficient Ops
Efficient Ops
Nov 13, 2024 · Information Security

How Leading Companies Stop Insider Data Theft: Real Ops & Security Practices

This article compiles practical insights from Zhihu discussions and real‑world experience on preventing insider spying and tampering with databases, covering least‑privilege policies, mutual supervision, strict access controls, audit mechanisms, and cultural factors that shape effective information security operations.

Access ControlOperationsaudit
0 likes · 11 min read
How Leading Companies Stop Insider Data Theft: Real Ops & Security Practices
Java Tech Enthusiast
Java Tech Enthusiast
May 3, 2024 · Databases

MySQL Data Recovery: Strategies for Handling Accidental Deletion

The article explains how to respond to accidental MySQL data deletion by analyzing loss causes, choosing recovery methods such as mysqldump backups, binary‑log point‑in‑time restores, or Percona’s InnoDB tool, provides step‑by‑step commands, and recommends preventive practices like regular backups, transactions, and strict permissions.

Data RecoveryMySQLTransaction
0 likes · 3 min read
MySQL Data Recovery: Strategies for Handling Accidental Deletion
php中文网 Courses
php中文网 Courses
Apr 10, 2024 · Information Security

Preventing SQL Injection in PHP Using mysqli_real_escape_string

This article explains how SQL injection attacks can compromise web applications and demonstrates how to securely handle user input in PHP by using the mysqli_real_escape_string function to escape special characters before constructing SQL queries, thereby protecting the database from malicious exploitation.

PHPSQL injectionWeb Development
0 likes · 4 min read
Preventing SQL Injection in PHP Using mysqli_real_escape_string
Full-Stack Internet Architecture
Full-Stack Internet Architecture
Jan 8, 2024 · Information Security

Understanding SQL Injection and Prevention with Spring Boot and MyBatis

This article explains the concept of SQL injection, demonstrates a vulnerable query example, and provides a step‑by‑step Spring Boot and MyBatis implementation—including table creation, Java controller, service, DAO, mapper, and configuration—to illustrate how proper parameter handling prevents injection attacks.

JavaMyBatisSQL injection
0 likes · 10 min read
Understanding SQL Injection and Prevention with Spring Boot and MyBatis
Laravel Tech Community
Laravel Tech Community
Sep 18, 2023 · Databases

Why MySQL May Not Be Suitable for Containerization and When It Can Be

The article examines the challenges of running MySQL in Docker containers, highlighting data‑security, performance, state, and resource‑isolation concerns, while also presenting scenarios and strategies where containerizing MySQL can be viable.

ContainersDistributed DatabasesDocker
0 likes · 7 min read
Why MySQL May Not Be Suitable for Containerization and When It Can Be
Aikesheng Open Source Community
Aikesheng Open Source Community
Sep 13, 2023 · Databases

Verifying OceanBase Transparent Data Encryption Using ob_admin dumpsst

This article demonstrates how to configure transparent encryption in OceanBase 4.1.0.0 Enterprise, create encrypted and non‑encrypted tables, perform major merges, and use the ob_admin dumpsst tool to inspect macro blocks, confirming that encrypted data is not readable while non‑encrypted data is visible.

OceanBaseTransparent Encryptiondatabase security
0 likes · 17 min read
Verifying OceanBase Transparent Data Encryption Using ob_admin dumpsst
Aikesheng Open Source Community
Aikesheng Open Source Community
Sep 12, 2023 · Databases

Understanding MySQL 8.0 Password Policy Options and Common Misunderstandings

This article analyzes MySQL 8.0 password‑related parameters, explains the meaning of NULL values in the mysql.user table, demonstrates how global settings interact with per‑user attributes, and clarifies the priority rules between password_history and password_reuse_interval through practical test scenarios.

ALTER USERCREATE USERDatabase Administration
0 likes · 9 min read
Understanding MySQL 8.0 Password Policy Options and Common Misunderstandings
Aikesheng Open Source Community
Aikesheng Open Source Community
Aug 30, 2023 · Information Security

Configuring Transport Encryption for OceanBase (OBServer and ODP)

This guide explains how to prepare the environment, enable SSL transport encryption for OceanBase OBServer and ODP via OBProxy, configure certificates and whitelist settings, and verify the encryption using MySQL and RPC ports, while highlighting common pitfalls and reference links.

OBproxyObserverOceanBase
0 likes · 7 min read
Configuring Transport Encryption for OceanBase (OBServer and ODP)
Aikesheng Open Source Community
Aikesheng Open Source Community
Jul 19, 2023 · Databases

Understanding MySQL Permission Conflict Between USAGE and GRANT OPTION

This article explains why a MySQL user granted both USAGE and GRANT OPTION on a database can see schema information but cannot query table data, demonstrates the issue with local tests, and provides proper REVOKE commands to cleanly remove the conflicting permissions.

GRANT OPTIONMySQLPermissions
0 likes · 9 min read
Understanding MySQL Permission Conflict Between USAGE and GRANT OPTION
Aikesheng Open Source Community
Aikesheng Open Source Community
Jun 27, 2023 · Information Security

Comparison of User Management and Access Control between OceanBase (MySQL Mode) and MySQL

This article compares OceanBase (MySQL mode) and MySQL in terms of user management, password syntax, user locking, permission levels, grant statements, grant tables, network white‑list access control, row‑level security, and role management, highlighting similarities, differences, and migration considerations.

Access ControlMySQLOceanBase
0 likes · 18 min read
Comparison of User Management and Access Control between OceanBase (MySQL Mode) and MySQL
Code Ape Tech Column
Code Ape Tech Column
May 28, 2023 · Backend Development

Implementing Fuzzy Search on Encrypted Sensitive Fields in MySQL with Spring Boot

This article explains how to enable fuzzy search on encrypted sensitive fields such as phone numbers and ID numbers in a MySQL database by using Spring Boot, AOP, tokenized ciphertext mapping tables, and encrypted keyword queries to balance security and query performance.

BackendMySQLSpring Boot
0 likes · 11 min read
Implementing Fuzzy Search on Encrypted Sensitive Fields in MySQL with Spring Boot
Aikesheng Open Source Community
Aikesheng Open Source Community
May 12, 2023 · Databases

SQLE 2.2305.0-pre2 Release Notes: New DB2 Metadata and TOP SQL Scanning Features

The SQLE 2.2305.0-pre2 release introduces enterprise‑grade DB2 table‑metadata and TOP SQL scanning tasks, expands audit rule support, provides detailed release notes and links to documentation, repositories, and demo environments for database users and administrators.

DB2Release NotesSQL auditing
0 likes · 5 min read
SQLE 2.2305.0-pre2 Release Notes: New DB2 Metadata and TOP SQL Scanning Features
Aikesheng Open Source Community
Aikesheng Open Source Community
Feb 3, 2023 · Databases

SQLE 2.2302.0-pre3 Release Notes and Feature Overview

The SQLE 2.2302.0-pre3 release introduces a preview version of the SQL audit tool with enhanced SQL Server audit plugin, new rule support, context-aware auditing, rollback generation, and several UI optimizations, while providing links to repositories, documentation, and demo environments.

Release NotesSQL ServerSQL audit
0 likes · 4 min read
SQLE 2.2302.0-pre3 Release Notes and Feature Overview
Aikesheng Open Source Community
Aikesheng Open Source Community
Nov 3, 2022 · Databases

Using MySQL AES_ENCRYPT and AES_DECRYPT for Data Encryption

This article explains MySQL's native data encryption capabilities, detailing the AES_ENCRYPT/AES_DECRYPT functions, their parameters, storage considerations, example usage, and best‑practice recommendations for secure and efficient encryption of sensitive fields.

AESMySQLSQL
0 likes · 8 min read
Using MySQL AES_ENCRYPT and AES_DECRYPT for Data Encryption
Tencent Cloud Developer
Tencent Cloud Developer
Sep 13, 2022 · Databases

Implementing a Transparent Data Encryption Framework for Database Security

The article presents a transparent data‑encryption framework for database security that uses an AOP‑based driver interceptor to rewrite SQL, encrypt/decrypt sensitive fields, manage performance with locks and caching, support configurable algorithms via SPI/YAML, and guide a three‑phase migration with minimal code intrusion.

AOPData EncryptionSPI
0 likes · 11 min read
Implementing a Transparent Data Encryption Framework for Database Security
Aikesheng Open Source Community
Aikesheng Open Source Community
Aug 19, 2022 · Databases

SQLE 1.2208.0-pre3 Release Notes: New MySQL Audit Rules and Scenario‑Based Auditing

The SQLE 1.2208.0-pre3 preview release introduces several new MySQL audit rules, scenario‑based audit mode enhancements, a detailed release notes list, bug fixes, and links to documentation and previous versions, providing a comprehensive overview for database users and administrators.

MySQLRelease NotesSQL audit
0 likes · 7 min read
SQLE 1.2208.0-pre3 Release Notes: New MySQL Audit Rules and Scenario‑Based Auditing