I've written the following stored procedure: CREATE PROCEDURE dbo.usp_DEMO @LOGINSQL VARCHAR(30), @DBNAME VARCHAR(40) WITH EXECUTE AS owner AS DECLARE @SQL NVARCHAR(1000) SET @SQL = 'USE' ...

If we have a MySQL RDS in AWS which can only be accessed from the EC2's in the private subnet then is there any benefit in encrypting it from security point of view (Using default RDS encrypt...

I have encountered today a problem that I have never faced before. I have developed an application that uses SQL Server database. That application has a Windows Service that accesses the database....

How do we set a different database / namespace in Firestore? This would be helpful in building multi-tenancy SaaS products.

I am using Azure KeyVault to store my database credentials, Now to access it I have hardcoded client id and client secret in service code. How can I avoid this hard coding as its insecure? 1) I do...

I have two apps that use Integrated Security. One assigns Integrated Security = true in the connection string, and the other sets Integrated Security = SSPI. What is the difference between SSPI an...

Postgres's official docs indicate that functions defined with SECURITY DEFINER run with privileges of the user who created it. However other sources, such as here and here, claim it is the privile...

If I have a server with a database of top secret data in PostgreSQL and my password is practically impossible to guess (128 character string of all sorts of weird chars, generated by hand). The ser...

I've got a database that I'd like to keep on the main domain, but prevent domain admins from writing to it. Read access is not a concern. To do this, it looks like I'd have to ensure any accounts w...

I want to enable Transparent Data encryption (TDE) on MySQL. I don't mind if the entire db is encrypted (as opposed to a few columns or rows or tables). I am using this for a study, so I am looking...

I'm creating an Access 2010 database and would like some clarification when it comes to concurrency and security. What I would like is upon starting the app only a menu form to be displayed with se...

Just a quick question: Say I put an insert trigger on a table in my database. If data is inserted into that table through a login/user "foobar". Does the trigger execute with the same access rig...

I mistakenly removed all users for mysql ... So I can't connect to mysql. Does anyone has an idea ? I tried reinstalling it but it didn't work ... PS : I am on Archlinux. Thanks in advance !

I have a database which has an application role. The role members all belong to a group in Active Directory. Instead of giving the role permissions to select from the tables I have given the role e...

Are there any SQL injection tools out there so I can test my site for vulnerabilities? Any good ones? Free ones would be good.

I'm writing an app which main purpose is to keep list of users purchases. I would like to ensure that even I as a developer (or anyone with full access to the database) could not figure out how mu...

so as title says, I would like to hear your advices what are the most important questions to consider and ask end-users before designing database for their application. We are to make database-orie...