This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Backend Security Project DB2 Hardening"
From OWASP
| Line 13: | Line 13: | ||
== Configuring Authentication == | == Configuring Authentication == | ||
| − | === Encryption | + | === Authentication parameters === |
| + | |||
| + | === Encryption during Authentication === | ||
== Configuring Authorisations == | == Configuring Authorisations == | ||
| Line 26: | Line 28: | ||
=== Administration === | === Administration === | ||
| + | |||
| + | == Auditing & Monitoring == | ||
= References = | = References = | ||
Revision as of 14:44, 23 May 2008
Overview
Historically DB2 has lived on a mainframe and resided in a fairly secure network. More and more we see DB2 exposed to the large world and used as backend for web applications. With these changes in DB2 comes increased risk.
This paragraph has the objectives to define the minimum security requirements for configuring and managing DB2 databases, in terms of access to, configuration and management of the system, and to supply guidelines and operation instructions for system administrators, in order to guarantee the development of secure applications on DB2 platforms.
