Building secured applications with Oracle & .Net
Yesterday’s evening I gave a talk at the first meeting of the Israel Oracle .Net Forum, the talk focused on building secured application with Oracle & .Net.
During the talk we’ve talked about how to build secured application, I've started with a brief background of secured development and then entered to four main points:
Securing the connection string
Input Validation
Authentication
VPD&RLS
The lecture was great… at least i enjoyed it :-)
Several of the features mentioned in this session and are missing badly from sql server features like Proxy Authentication as an identity transfer transporter while marinating connection pooling,Virtual Private Databases – It was so easy to declare AOP like operations…
You can download the talk ppt over here
Demos:
Data Protection API Demo
Access Control List Demo
Buffer Overrun demo
Oracle Proxy Auth, Client Identifier, Sql Injection Demo
Virtual Private Database Scripting