Research on the Security of NGDC Based on ASP

Research on the Security of NGDC Based on ASP
Zhang Li Gong Jianya Zhu Qing
Key Words
active server pages (ASP); national geospatial data clearinghouse (NGDC); geographic information system (GIS); Internet
Abstract
On the basis of the authors? experience of setting up an NGDC Web site, this paper attempts to present some significant aspects about the security of NGDC based on ASP. They include data storing, database maintenance, new technical support and so on. Firstly, this paper discusses how to provide the security of data which is saved in the host of NGDC. The security model of ?New works ?DB Sever-DB-DB Object? is also presented. In Windows NT Server, Internet Information Server (I IIS) is in charge of transferring message and the management of Web sites. ASP is also based on IIS. The advantages of virtual directory technique provide by IIS are emphasized.
An NGDC Web site, at the Research Center of GIS in Wuhan Technical University of Surveying and Mapping is also mentioned in this paper. Because it is only an analogue used for case study, the transmission of digital spatial products is not included in the functions in this NGDC Web site. However, the management of spatial metadata is more important and some functions of metadata query are implemented in it. It is illustrated clearly in the functional diagram of the NGDC Web site.
1 Introduction
Needless to say, it is very important for most GIS users to acquire and integrate the geospatial information from various districts. However, the current situation of geospatial information production and dissemination in the world is still unsatisfactory. On one hand, users do not know where the geospatial data files are stored and what geospatial data is useful for their applications, or have not necessary computer facilities. On the other hand, due to the lack of coordination and cooperation, the duplication of geospatial data production widely exists. Most of geospatial information is stored by different organizations including governmental organizations, commercial companies. What?s more, the lack of geospatial data exchange and sharing mechanism results in relative low benefit of geospatial data use. It is difficult for some products to get necessary information from other producers to integrate with or to update their own databases. In short, the value of geospatial information has not been shown exactly in GIS industry of China.
It is obvious that the information distribution technique based on Internet can play a great role in GIS industry. National Geospatial Data Clearinghouse users will be able to query what geospatial data is being produced, how about is quality, where it is produced, and how to get the geospatial data economically and conveniently.
2 NGDC and ASP technology
As mentioned above, NGDC is a geospatial information distributed network system which is concerned with geospatial data producers, managers and users. So the relationship among them must be harmonized. The NGDC provides the service of geospatial information through internet. In detail, it will allow various data formats to exist in this opened geospatial information service system and it supports the share and query of the geospatial data from different sources. The main mission of NGDC is to offer a means of fast, efficient, safe, economical service of geospatial data provision to users. At the same time, it will offer means for data providers to advertise their new products and collect users? demands and feedbacks in order to promote the geospatial data production.
To date, the model of NGDC is usually described as a provider-oriented model. In this model, every geospatial data provider is linked with internet as an NGDC node... user?s access NGDC nodes through internet and browses the catalogues of geospatial data stored in NGDC, and then they query the metadata about the available products for their applications. After selecting the desired data set, the user can send an order to the relevant producer on-line or by E-mail system. If users can not find the geospatial data available in this NGDC node for their applications, they will be able to access other NGDC nodes.
So the construction of NGDC is concerned with the planning and maintenance of dynamic Web sites linked with internet. Since Active Server Pages (ASP) came out with its peculiar characteristics several years ago, which is applied to the construction of more and more dynamic Web sites in the diverse fields? In comparison with common gateway interface (CGI), ASP is more effective and flexible as a server scripts environment.
With html pages, script commands and active X components, ASP can set up dynamic, interactive and efficient Web server programs. It is not important whether browsers can run those ASP codes, because all of ASP programs including scripts plugged in html, such as VBScript, JScript, are executed in servers. ASP programs will send a series of commands to the script engine, and then the script engine translates the commands into some codes which can be executed by servers. After running the executive codes, the results will be sent by servers to users? browsers in html. In this way, it is sufficient for browsers to have basic function of browse. As a result, the speed of the system increases rapidly.
NGDC Web site provides users with a catalogue of geospatial data entity, data entity and the relevant metadata. Therefore it is inevitable to access various databases in the construction of NGDC. It is convenient to connect database systems with ASP plug-in Active X components, so Web pages can be linked to all kinds of databases which provide ODBC interfaces for other programs. Active X components provide the objects whose tasks are to finish certain functions. So Active X components are of great significance in setting up Web programs.
3 Research on security of NGDC
This paper attempts to present some significant aspects about the security of NGDC base on ASP, such as data storing, database, maintenance, new technical supporting and so on.
3.1 Security of data storing
The information stored in NGDC includes geospatial data, relevant metadata and catalogues of data products. The maintenance of all the information is a very hard task. Of course, the security of data storing is included in it. From the point of system maintenance, the security of data storing in NGDC is concerned with disk error-tolerance and back-up supporting.
With the rapid development of manufacturing technique of hard disk, the life-span of hard disk has been lengthened. Disk error-tolerance decreases usually the possibility of data-losing because of errors of hard disks. It is inevitable that some errors cannot be limited in spite of any error-tolerance system. In order to maintain the security of data, the significance of data should be assessed firstly and so should the loss of data-losing. There are three kinds of dump plans for database or data files: full data dump, increment data dump and combination of them. As in NGDC the need of data back-up depends on its significance.
3.2 Security of database maintenance
As for popular large-scale database systems such as Microsoft SQL Server, Sybase, Oracle, Informix, security maintenance is implemented by four levels of ?New works ?DB Sever-DB-DB Object? security model. Every user has his network login ID and his password, with which the user ID and the password, users can login into network. Take Windows NT Server for example, Windows NT Server provides some security maintaining methods such as encoded password, minimum password length and so on.
In general, network cannot automatically permit its network users to access databases in it. The fact that a user can access databases does not mean that he can automatically access databases in it. Only those users who have their database user IDs stored in system tables in database can access database.
3.3 Security with ASP
In the environment of Windows NT Server, Internet Information Server (IIS) is in charge of distributing information and maintenance of Web sites. ASP is also based on IIS. When users access some ASP files in their browsers, the relevant ASP scripts will run in server and the results will be sent users in Web pages.
Virtual directories are different from physical directories in hosts or servers. Net work administrators may make good use of the mechanism of virtual directory in order to maintain the security. IIS supports virtual directory which plays a great role in the security maintenance of Web sites. Firstly, virtual directory conceals the information about actual directory structure. In normal browsers, users can get the path information of a certain Web site; the directory information of Web sites will be exposed to users linked with Internet. As a result, it is easy for the Web sites to be attacked by hikers. Secondly, it is convenient to transfer the WWW service from one server to another without updating the code in Web pages if there is the same virtual directory structure in two servers. Finally, when putting Web pages into virtual directories, administrators can assign different attributes to the directories. For example, in the construction of NGDC Web site, it is important to put normal html files and ASP files into different virtual directories. The attribute of directories in which normal html files are stored may be ?Read? while the attribute of directories in which ASP files are stored may be ?Execute?. On one hand, it simplifies the maintenance and management of NGDC Web sites. On the other hand, ASP source files will never be sent to user browsers. In other words, hikers cannot get the ASP source codes through their browsers. Thus it improves the security of ASP files.
4 An NGDC model Web site in WTUSM
Some other security aspects in operational model, programming, management in the plan and construction of NGDC should be concerned. As an example the construction of an NGDC model Web site is presented below in order to explain the security maintenance of NGDC in detail. On the basis of authors? research on relevant problems, this NGDC model Web site was planned and deployed in early 1999. As a model project, the purpose of construction of this Web site is to provide some useful experiences for other projects on NGDC. Therefore the process of geospatial metadata plays a great role in this Web site. In fact, there are not actual geospatial data products stored in this NGDC model Web site. The main task of this Web site is to provide relevant geospatial metadata services, so the functions of data product maintenance cannot be found. Geospatial metadata is stored into meta-database in Microsoft SQL Server. With ?New works -DB Sever-DB-DB Object? security model in Microsoft SQL Server, the relations between user and access rights are set up. In order to simplify the problem, those two tasks are assigned to two DB users. One is a user who is the owner of DB objects. (Of course, he has all rights to access, update and delete DB objects); the other is a normal user who can only access DB objects such as tables. While developing ASP programs in the integrate developing environment of Microsoft Interdev, the functions may be fulfilled by script programs running either in clients or in servers. As a result, it improves the confidentiality of ASP programs and the efficiency of NGDC service system.
In the NGDC Web site, something has been done in order to improve the security of operation: a table named providers? information table is stored in NGDC to keep some useful information about relevant geospatial data providers, such as name, ID, passwords, contact methods and son on. The information may be a long, irregular string whose length is less than 1024. It is produced and maintained by NGDC. The providers? information table is stored in the server in NGDC. In this way, data producers provide geospatial products together with their identifying information through Internet.
5 Conclusions
In short, it is very convenient and efficient to distribute geospatial data in the NGDC nodes through internet. On the other hand, with the development and construction of NGDC, there will come more and more challenges and problems about the security of NGDC. Obviously some researches and discussions in this field need to be further carried on.

Jaya
We have two ways to achieve this scenario
1.Going with PCR where we Query No of Years Completed
2. Going for Custom Function
In the above two ways we have to maintain the year of completion in Date Specification Either Manually or Thorugh Dynamic Action which shd automaticallly update....IT00041
I prefer the second one since PCR is some wht complicated

Similar Messages

Claims Based Authentication SPSecurityTokenService.Issue() failed: The security token username and password could not be validated.

Please excuse the lousy table...Its late :-)
I have a multi-server SP2010 farm. Patched up to
Configuration database version: 14.0.6106.5002
My goal is to have a claims based web application that authenticated to ADAM for Extranet. I have configured the servers exactly to MSDN and technet specs (following this spec to the
letter (
http://technet.microsoft.com/en-us/library/ee806882.aspx) to allow the forms side of the web app to authenticate to ADAM.
IT WORKS IN DEV!!! , which is a single server farm. However, it does not work in production. I get the following:
Claims Auth log entries:
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
f2ut
Verbose
Authenticated with login provider. Validating request security token.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Using membership provider 'ADAMProvider'.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Doing password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Failed password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Unexpected
Password check on '[email protected]' generated exception: 'System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security
token username and password could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
fo1t
Monitorable
SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password
could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
fsq7
High
Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated.
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
  at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
8306
Critical
An exception occurred when trying to issue security token: The security token username and password could not be validated..
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
f2un
Verbose
Form authentication failed.
I have tried EVERYTHING (well, nt everything, I don’t have the fix I suppose).
I found plenty out there and nothing directly correlates with this issue.
I searched on all parts of the errors I got.
This contains an interesting blurb about setting up access for the apppool id correctly.
That’s not the case for me. It works in dev and the same id are used there.
http://sharepoint-2010-world.blogspot.com/2011/03/adam-forms-based-authentication-in.html
This was good but it doesn’t give specs on what the environment looks like:
http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/557143a6-4b36-4939-bb7f-d62a9335fd18
The was interesting…but I am patched up beyond the June 2011 CU so it’s a moot point:
http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/9b8368ef-c5e5-4ead-b348-7b2b5587cfc8
Any and all help would be greatly appreciated!

Hi.
You say its a multiserver farm, do you have more than one web server then?
If thats the case, have you tried accessing the site on each server directly?
Found this for you, maybe that can help?
Troubleshooting Exceptions: System.ServiceModel.FaultException`1
http://msdn.microsoft.com/en-us/library/bb907220.aspx
and this:
SharePoint 2010 Claims Authentication - The security token username and password could not be validated reoccurring every morning
http://social.technet.microsoft.com/Forums/pl-PL/sharepoint2010setup/thread/383f1f9b-5c4a-4e19-b770-2a54b7ab1ca1
and
This seems to be a good guide:
http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/
Good luck
Thomas Balkeståhl - Technical Specialist - SharePoint - http://blksthl.wordpress.com

How do I get rid of the security warning for disc based Flash product

I have a project that use a program called Articulate to turn
powerpoint shows into a more rich flash product with audio, search
capacities, quiz etc. There are multiple sections from multiple
powerpoint files that generate a dozen or so flash files. The flash
files reside in an html shell to allow for navigation. The whole
thing is delivered on disc as a browser based training product.
The problem is that viewing flash from a disc results in a
security alert every time the viewer goes to a flash file. There is
an Articulate theme blog that suggests using a product called
server2go to make the disc function as a server to kinda fool
browsers on the local machine into thinking the disc is a web
server. My client wants the product to allow the users' default
browser. So far, although server2go is supposed to allow this, it
doesn't with the latest version of firefox (client's preferred
browser). I can only get it to work on a select machine or 2 in my
office with IE (server2go default) but it takes forever to launch.
I haven't gotten it to work on any of the client's machines. The
disc (auto launch) just freezes the machines.
Can anyone recommend a better server emulation product, or
tell me another solution to delivering a disc based flash product
without getting the security warning and without making the viewer
change settings on their machine to allow flash to play?
I understand security issues but this makes flash virtually
unusable for this application and I'm dead in the water if I can't
fix it.

Sorry, Ralph has already answered your question. If you need to get your security questions reset, you will have to contact iTunes Support:
ACCOUNT SECURITY CONTACT NUMBERS
Cheers,
GB

How to setup the security based on roles in Organization.

Hi,
How to setup the security based on roles in Organization.
For example:Few users are Manager and a few user are Non Manager .Manager should have access to all work data including Non Manager and Non Manager should access based role.How to setup this? How OBI server identify the user role?
kindly let me know.
Regards.,
CHR

Hi,
You need to have Back End support to achieve this. In Back End you need to create two groups . You need to know what joins has to be made for which group (which is more important) and also make session variable for the userrole (with SQL supporting it). In the BMM layer, we need to put the security join conditions in the 'where clause'.
And make a common report. User loggin in with the respective userid will have userrole and joins assigned in the Back end. And they will be viewing the report according to their access.
Hope this will solve your problem.
Regards
MuRam

My main account on my iPad is based off an email address that no longer exists and can not be recreated. On top of that I forgot the password and answers to the security questions. So I can not reset the password. any suggestions?

I Now get constant pop ups to logon to iCloud but it wants a password that I forgot. I also forgot the security question answers. It can not email me a password reset because the email no longer exists and Verizon won't let me recreate it. I know this will sound crazy but when I created the original Apple account with the old email address I put in a bogus birthdate because I do not like giving out personal info.
i Just want to do something to stop the iCloud popups.

Try contacting Support in your country, after confirming your id and that it's your account they should be able to reset its password.
Contacting Apple about account security : http://support.apple.com/en-us/HT5699
If your country isn't on that page then try this form and explain and see what they reply with : https://ssl.apple.com/emea/support/itunes/contact.html
When they've done that update the primary email address on the account to be an account that you have access to e.g. by tapping on it in Settings > iTunes & App Store and logging into it, via the Store > View Account menu option on your computer's iTunes, or via the 'manage your apple id' button on http://appleid.apple.com

The Secure Store Service application Secure Store Service Proxy is not accessible

I am working on setting up a new SharePoint 2013 Farm for our external web site which is currently running on 2010 SharePoint. Because this is an External Website for our organization we have an internally available Publishing Site and there is an Web App
Extension to provide Anon Access to users using the www address. Currently I am doing everything on a single server for testing with HOSTS entries to loop back so I can test with real host headers and not impact the 2010 prod environment. We will be setting
up 2 more WFEs with a NLB before moving this into prod but it isn't there yet. We brought the Site Collection Databases over but are still running in 2010 mode for now.
I migrated a copy of the Secure Store Database over from 2010 and had it put on the 2013 Farm's Database Server. Set up Secure Store and the Secure Store Proxy. I went into the Secure Store Proxy in CA and refreshed the Key with the proper Pass Phrase. After
doing that I could see the Target Application IDs listed. Everything was looking good so I went off to test. If I am on the publishing site I can go to a page that has the solution on it and it operates as expected. It does a query to a non SharePoint database
and returns information filtered based on the search parameters. The only odd thing I see is if I click on the "Site Actions" I get a message "An error has occurred with the data fetch. Please refresh page and retry." Need to look into
that more but it only happens on pages that have these solutions. Maybe a clue. If I go to the Anonymous Access page (www......) and try and use the solution, it immediately (way too quick to appear like it is doing anything) comes back with "The security
token request cannot be completed."
If I dig through the usage logs I am finding the following.
The Secure Store Service application Secure Store Service Proxy is not accessible. The full exception text is: The security token request cannot be completed.
Unexpected exception from endpoint address : https://[Servername]:32844/4e87fd3aabb640fb8cc3ed52188cf5c0/SecureStoreService.svc/https
Logging unknown/unexpected client side exception: InvalidOperationException. This will cause this application server to be removed from the load balancer queue. Exception: System.InvalidOperationException: The security token request cannot be completed.
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForServiceContext(Uri contextUri) at Microsoft.SharePoint.SPChannelFactoryOperations.InternalCreateChannelActingAsLoggedOnUser[TChannel](ChannelFactory`1 factory, EndpointAddress
address, Uri via) at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.GetChannel(Uri address) at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.Execute[T](String operationName,
Boolean validateCanary, ExecuteDelegate`1 operation).
Initially I was fighting a firewall issue because it wasn't working (different errors) on both sides. Had Network Engineers open firewall ports needed and now it works on the publishing side. Still the same error on the Anon side. I suspect I have missed
something when it comes to configuring the Secure Store to allow access to anonymous connections.
Let me know if you need any more information but that should paint a pretty good picture as to how things are set up.
Thanks for any help on this one. Searches haven't found much that has helped so far.

Hi Sennister,
I recommend to verify the things below:
Did this issue occur with all the pages in the anonymous side?
Check if the Claims to Windows Token Service is started.
Change the <identity impersonate="true" /> in the web.config to see if the issue still occurs.
Thanks,
Victoria
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Victoria Xia
TechNet Community Support

Set The Secured Files, Not allow printing and saving to another location

Dear Sir / Madam,
Please help...
Possible to set the security permission for share files, not allow end users to printing and saving a PDF to another location.
Thanks,
Alex Tai

Hi Alex,
Possible to set the security permission for share files, not allow end users to printing and saving a PDF to another location.
Based on my tests, users can save the document with only Read permission, which is by design. If you don’t want users to print files, please do not give the print permissions on printers.
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

How to get the most current file based on date and time stamp using SSIS?

Hello,
Let us assume that files get copied in a specific directory. We need to pick up a file and load data. Can you guys let me know how to get the most current file based on date and time stamp using SSIS?
Thanks
thx regards dinesh vv

hi simon
i excuted this script it is giving error..
   Microsoft SQL Server Integration Services Script Task
   Write scripts using Microsoft Visual C# 2008.
   The ScriptMain is the entry point class of the script.
using System;
using System.Data;
using Microsoft.SqlServer.Dts.Runtime;
using System.Windows.Forms;
namespace ST_9a6d985a04b249c2addd766b58fee890.csproj
    [System.AddIn.AddIn("ScriptMain", Version = "1.0", Publisher = "", Description = "")]
    public partial class ScriptMain : Microsoft.SqlServer.Dts.Tasks.ScriptTask.VSTARTScriptObjectModelBase
        #region VSTA generated code
        enum ScriptResults
            Success = Microsoft.SqlServer.Dts.Runtime.DTSExecResult.Success,
            Failure = Microsoft.SqlServer.Dts.Runtime.DTSExecResult.Failure
        #endregion
       The execution engine calls this method when the task executes.
       To access the object model, use the Dts property. Connections, variables, events,
       and logging features are available as members of the Dts property as shown in the following examples.
       To reference a variable, call Dts.Variables["MyCaseSensitiveVariableName"].Value;
       To post a log entry, call Dts.Log("This is my log text", 999, null);
       To fire an event, call Dts.Events.FireInformation(99, "test", "hit the help message", "", 0, true);
       To use the connections collection use something like the following:
       ConnectionManager cm = Dts.Connections.Add("OLEDB");
       cm.ConnectionString = "Data Source=localhost;Initial Catalog=AdventureWorks;Provider=SQLNCLI10;Integrated Security=SSPI;Auto Translate=False;";
       Before returning from this method, set the value of Dts.TaskResult to indicate success or failure.
       To open Help, press F1.
        public void Main()
            string file = Dts.Variables["User::FolderName"].Value.ToString();
            string[] files = System.IO.Directory.GetFiles(Dts.Variables["User::FolderName"].Value.ToString());
            System.IO.FileInfo finf;
            DateTime currentDate = new DateTime();
            string lastFile = string.Empty;
            foreach (string f in files)
                finf = new System.IO.FileInfo(f);
                if (finf.CreationTime >= currentDate)
                    currentDate = finf.CreationTime;
                    lastFile = f;
            Dts.Variables["User::LastFile"].Value = lastFile;
            Dts.TaskResult = (int)ScriptResults.Success;
thx regards dinesh vv

Get Current UserName in Infopath always returns the secure store service credential name

I followed the 3 page tutorial here to get the current Display Name in an infopath textbox.https://spvee.wordpress.com/2013/04/10/auto-populate-user-information-in-infopath-with-claims-based-authentication-part-1-of-3/
After several tries I narrowed down the problem to something very specific.
It always shows the Display Name of the user used in the Credentials in the secure store service application. It doesnt use the current user.
I do have access to the farm, but I didnt not install it, so am not aware if something is wrong on IIS/App Pools or service applications.
Any idea??
Follow me on Twitter
levalencia Blog

I followed the 3 page tutorial here to get the current Display Name in an infopath textbox.https://spvee.wordpress.com/2013/04/10/auto-populate-user-information-in-infopath-with-claims-based-authentication-part-1-of-3/
After several tries I narrowed down the problem to something very specific.
It always shows the Display Name of the user used in the Credentials in the secure store service application. It doesnt use the current user.
I do have access to the farm, but I didnt not install it, so am not aware if something is wrong on IIS/App Pools or service applications.
Any idea??
Follow me on Twitter
levalencia Blog

What about the security we support when the BIA is not SSO with EBS

For the following security mode, if all of them need the SSO with EBS?
Operating Unit-Based Security for Oracle EBS
Inventory Org-Based Security for Oracle EBS
Ledger-Based Security for Oracle EBS
Business Group Org-Based Security for Oracle EBS
HR Org-Based Security for Oracle EBS
Human Resource Personnel Data Analyst Security for Oracle EBS
Employee-Based Security for Oracle EBS

well you could do the security in OBIEE as well, but why shouldn't you use SSO?

How to call the secured EJB from timer ejb timedout method.

Hi All,
I have a couple of questions on EJB 3.1 Timer Service.
1. How to call the secured EJB (annotated @RolesAllowed) from Timer EJB @Timeout Method?
2. What's the default role/principal with which the Timer @Timeout Method gets called?
Please let me know any info regarding the same.
Thanks,
Suresh

I'd start here:
http://ant.apache.org/manual/index.html
If that doesn't help, go to the table of contents and start poking around. You don't need to read the whole thing front to back, but if you're not willing to spend some time researching and reading, you're not going to get very far.

II am looking for information on iPad and iPhone apps and Mac software that are "top of the line" for academic research. The most current and comprehensive information I have found is dated July 2010.

I am looking for information on iPad and iPhone apps and Mac software that are "top of the line" for academic research. The most current and comprehensive information I have found is dated July 2010.

PogoPossum,
My area of interest is in business and economic history. There is a considerable amount of reading and charting. Until the iPad hit the streets, I only considered stacks of books, journals, and downloaded documents, all marked up with highlighters, underlines, and marginal notes.
Most of my PC based work involved MS Office, Endnote, and MS OneNote.
What I would like to do with the iPad and MacBook are the same things (Office, Endnote, OneNote) and add the ability to read and markup all forms of printed materials from books to pdf to webpages.
I cut my teeth on an iPod Touch and have tried a lot of the note taking and reading apps. Without a camera the standard iPod Notes works for short quick notes and long think pieces. I just emailed the content and downloaded the stuff to my PC. Obviously, I do not want to continue at this "non-integrated" level of work.
Does this help?
Dick

Migrating ADF Security from file-based provider to LDAP provider

We have deployed a small application using ADF Security with file-based provider in OAS and it works fine.
Now we want to migrate to ADF Security using LDAP provider.
In order to make this possible we followed the next steps:
- Migrate all the roles and policies from the file to OID with JAZNMigrationtool.
- In OAS we've changed the Application Security Provider to 'Oracle Identity Management'.
- Reset the OC4J instance.
But there was no success, the application continues working with the file-based provider.
What more is necessary to configurate?

Hi,
if you use EM make sure you change the setting for the application, not the general OC4J setting.
You can also deploy the provider settings with the orion-application.xml file added to your project
Frank

What Are the Security Implications of not Completely Signing Database?

Hello everyone,
What are the security implications of not completely signing the database?
From http://www.archlinux.org/pacman/ ,
The following quote implies that the database exists merely just in case hand tweaking is necessary:
maintains a text-based package database (more of a hierarchy), just in case some hand tweaking is necessary.
However, considering that there are cases that pacman's local database needs to be restored, there are implications that the database is essential for pacman to function properly.
From https://wiki.archlinux.org/index.php/Ho … l_Database :
Restore pacman's local database
Signs that pacman needs a local database restoration:
- pacman -Q gives absolutely no output, and pacman -Syu erroneously reports that the system is up to date.
- When trying to install a package using pacman -S package, and it outputs a list of already satisfied dependencies.
- When testdb (part of pacman) reports database inconsistency.
Most likely, pacman's database of installed software, /var/lib/pacman/local, has been corrupted or deleted. While this is a serious problem, it can be restored by following the instructions below.
I know that all official packages (from core, extra, community, etc.) are signed so that all files should be safe, but I'm just paranoid.
What if the database was hacked? Will this lead to installation of harmful software?
Sincerely,
Cylinder57
Last edited by Cylinder57 (2012-10-15 03:42:31)

Cylinder57 wrote:
From this quote:
Allan wrote:But, the OP (also?) talks about the local package database on his computer. That is not signed at all as there is no point. If someone can modify that, then they can regenerate the signature, or just modify any other piece of software on your computer.
Is it going to be easy for anyone other than the authorized user to modify the local package database?
Allan basically answered that with the quote above already as I understand it. Someone who has access to the installation, e.g. is able chrooting your PC via USB, is not held back by any ACLs. However, modifying the local database only makes limited sense because the packages are already installed. Pacman would only recheck, if you re-install a package. The only really relevant attack vector for the package database is
(1) installing an older package with a vulnerability,
(2) re-placing the up-to-date package sig in the local database with the older one and
(3) modifying the system, e.g. via pacman.conf excludes, to not update that.
then also re-installing would not create a sig-error and you get stuck with the bogus old package.
With a signed database this would not be possible. However, as Allan wrote earlier also with a signed database that criminal can manually install (totally leaving pacman & package cache) whatever it needs in this scenario. So, if you are -really- paranoid about that, you probably want to spend (a lot of configuring) time with something like the "aide" package.
Cylinder57 wrote:
And, are the following statements correct:
If the repository databases are modified, the hacker might be able to modify the packages on the server (Considering that if someone can modify the local package database, that person can modify any other piece of software on that particular computer.)
However, pacman won't let users from installing the modified packages (due to package signing,) unless at one person with access is bribed (at least, for an individual package.)
I don't know the intricacies of the server infrastructure - only saw they have great names :-), but I am pretty certain your statements assume that correctly. It is pretty unlikely that someone able to modify the central repository database fails at placing a bogus package for shipping with those access rights at this time. Yet it does no harm not to post any details of such a scenario here imo. In any case: A compromised mirror would be enough for that - and easier to achieve (hacked anywhere or e.g. in a non-democratic state). Plus you also answered it yourself. The keys are key for our safety there. Which keeps me hoping that no criminal lawnmover salesmen frequent the Brisbane area.
As you put up a thread about this, one question you can ask yourself is:
Have you always checked on updates new signatures keys which pacman asks about? If you ever pressed "accept/enter" without checking them out-of-band (e.g. the webserver), that compromised mirror database might have just created a "legitimate" key .. user error, but another attack vector the database signing would catch.
edit: Re-thinking the last paragraph just after posting, I now believe it would not be that easy as implied - simply because the bogus key is not trusted by one of the master keys. The pacman pgp trust model should catch that without database signing. At least it would if only the official repositories are activated, but that's a pre-requisite to the whole thread.
Last edited by Strike0 (2012-10-20 23:01:26)

After installing the security update from 21.04.2015 my Phone does not start any more

Hi everybody,
I have installed the update 10052 for my Lumia 535 DS and now it can't be started any more. When starting the phone the two gears appear and start moving but than it's turned off. This happens each time I'm trying to start the phone. Any suggestions to get
my phone running again?
Alexander Allmendinger

Hi Chris, and a warm welcome to the forums!
I think your choices are to...
Reapply the Security update...
http://support.apple.com/downloads/SecurityUpdate_2008_008__Client_PPC
Reapply the Combo update...
The combo update for PowerPC-based Macs...
http://www.apple.com/support/downloads/macosx10411comboupdateppc.html
Repair Permissions afterwards, reboot.
If all the above fails, then it appears to be time for an Archive & Install, which gives you a new OS, but can preserve all your files, pics, music, settings, etc., as long as you have plenty of free disk space...
http://docs.info.apple.com/article.html?artnum=107120
Just be sure to select Preserve Users & Settings.
The usual reason why updates fail or mess things up, is if Permissions are not fixed before & after every update, with a reboot... you may get a partial update when the installer finds it doesn't have Permissions to change one obscure little part of the OS, leaving you with a mix of OS versions.
Some people get away without Repairing Permissions for years, some for only days.
If Permissions are wrong before applying an update, you could get mixed OS versions, if the Disk Directory is the slightest messed up, who knows what could happen!
If many Permission are repaired, or any Directory errors are found, you may need to re-apply some the latest/biggest updates.
I only use Software Update to see what is needed, then get them for real via...
http://www.apple.com/support/downloads/
That way I can wait a week or so, check the forums for potential problems, and get Permissions & such in order before installing.

Research on the Security of NGDC Based on ASP

Similar Messages

Maybe you are looking for