Security requirements - please help!
Hello Experts,One of my clients is to have the line of questioning. It would be a great help if you share your suggestions to meet the following:
For authentication issues on the client side:
1. the credentials stored in the client session state?
2. the credentials stored in any type of data store (database, flat file)?
3. the credentials are never available to be written to the log files?
4. is secure transport that is used for all communication between the connection and the back-end server? Or is the password encrypted on a non secure channel?
5. How are treated invalid credentials?
6. How are expired passwords be managed?
7. the users redirected to the idM of password resets managed? IDM is our application, so whne user has attempted to change password in excel is sort of redirect to our Application.
For the LDAP bind
1. is the integration with LDAP for authentication?
2. what information will be pulled back from the directory and how often?
3 you need to rewrite all the data in the directory?
4. how many connections (number of) will be open to the application directory?
5. the number of connections may be limited to a specific number?
6. a connection pool will be used?
7. the document and run tests to understand the Directory performance implications.
8 the application does support of research filtered to pull back only users who have access to the application?
9 must. the application maintain all groups in the directory?
Thanks in advance.
Kind regards
Jingle
I can't respond to all of this, but some general information can help a lot.
The answer to many of them also depends on the version you are using. My knowledge ends with version 7, and I have 'some' details on the new versions, but in general:
(1) No, the handles are used to represent a qualified user (credentialled)
(2) the Essbase.sec file contains this information in an encrypted form for authenticated internal users (using DES/Blowfish IIRC), external authentication is, thus, outwardly authenticate... (couldn't resist that).
(3) there is no API or internally the internal mechanism to expose the stored password. I suspect that a sum of control (or one-way hash) is used, this information is not yet available.
Note 3 (a): there are two security vulnerabilities in passwords, but I give these details on a forum public (it would probably take a lot to find, but still).
(4) N ° credentials are completely secure, data requests are not. However, from the safety point of view, intercept an excerpt of companies by sniffing the network traffic is much harder hacking an account of essbase as one so-called spy would be silly to use the network traffic as a way to learn about a competitor. In general, if the server has access to the public, a VPN connection must prevent the unauthorized public access, and this would provide the security of the traffic. A public server with internet access is a little risky, but not a great threat.
(5) simple refusal of connection for the first attempts at "n", then the account lockout. Here, we give 3 attempts, which means I have reset many accounts.
(6) locking of account when the connection attempt (no grace period).
(7) n ° 'See your Essbase Administrator' (or equivalent message Hyperion/Oracle).
For LDAP, commissioning is more complicated and I don't have enough experience with it to address more, so I leave you with the above.
I think that I know a couple of responses, which means that answering them will ensure only that I'm wrong.
Tags: Business Intelligence
Similar Questions
-
My ID apple has been disabled and I can't restore it because I forgot my security question, please help
I can't update my iphone because it will need for my apple for activation ID. Please help me.
Contact Apple for assistance with the security of the Apple ID - Apple Support accounts
-
I entered incorrect of the apple Keychain security keys please help...
I entered incorrect of the apple Keychain security keys please help...
Just reset Keyring - painless process
- In iOS 8, tap Settings > iCloud > Keyring > advanced. In iOS 7, tap Settings > iCloud > keychain.
- Tap approve with Security Code.
- When asked to enter your iCloud Security Code, type Code forgotten.
- Press Reset iCloud keychain to replace your iCloud Keychain in the cloud with iCloud on your device keychain items.
- Press Reset to confirm. You will be asked to create a new cryptogram iCloud.
-
Help, please. Security problem please help. ___
Another person in the apartment where I live has put its media player as an icon in my taskbar without asking. Please help me to make sure that it is impossible to do it again
Thank you for your time and effortMake sure your firewall is on and Security Center Windows to check and make sure that everything is green, if there is something red or yellow then see what he wants. Make sure that you use the version of anti-virus update and update your Windows and antivirus. If you use try Wi - Fi to enable WPA2 or WEP 128, see the manual of the wireless modem.
As AntiVirus, you can use Microsoft Security Essentials for free
Scan with your antivirus complete and remove the threat. use of strong passwords for your Windows login, create strong passwords have look at:
https://www.Microsoft.com/protect/fraud/passwords/checker.aspxTry to go to the BIOS Setup and disable the boot with CD and network and make sure you boot from the hard drive is turn on and rest are disable. (Check your BIOS manufactor to aid)
If you are using Windows Vista Ultimate using Bitlocker
Remember, if you choose password of Windows to the top, because if he has lost or forgotten, we cannot help you. In Windows, you can backup password.
Remmember back up your data before password and put weekly or daily backup policy that if something is wrong you have backup (it is a good idea but a backup external hard drive). Windows Vista have already great backup feature.
-
Import of security error - please help!
Hello
I'm trying to import a file of security using security import utility and it fails with the following error:
The length of the string: 1
Validation of the Secfile.txt...
Logging in to the application
Successfully connected
Error: Import security impossible - null
Logout of the application...
Disconnected from the application.
Failed to import safety.
(1) I tried to erase safely using SL_CLEARALL and import 1 security record file using the importsecurity utility and it worked.
(2) I have also updated the workspace security and then tried to reload the file of main security once again, but the same error again.
Is there something that I am missing in my footsteps? Please help with your entries.
Thank you
-Krrish
Published by: Annie 20 Sep, 2012 12:04"Have you had a glance at the following doc in Oracle Support -' IMPORTSECURITY fails with the error: 'Import security failure - Null' [ID 1309814.1].
or "The ImportSecurity for Hyperion Planning [ID 1103373.1] utility Troubleshooting"See you soon
John
http://John-Goodwin.blogspot.com/ -
Hi im having a problem in the as3 sandbox security violation please help
1 see this tutorial!
http://www.thetechlabs.com/tutorials/XML/creating-a-weather-widget-with-XML-and-AS3/
2 http://caspianseataxidrivers.centralbaku.com/
It's my project
when im test it in flash I have a flash work Hi see weather IT WORKS but when I put it on the server, it gives me error
#2044 Error: Unhandled securityError:. text = Error #2048: security sandbox violation: http://caspianseataxidrivers.centralbaku.com/CSTD.swf Cannot load data from http://xoap.weather.com/weather/local/AJXX0001?cc= * & link = xoap & by = 1205344398 & key = 24e1d0074 9192bb2 & unit = m .
to cstd_fla::MainTimeline/frame1()
I use crossdomain.xml<? XML version = "1.0" encoding = "ISO-8859-1? >< cross-domain-policy >< allow-access-from domain = "caspianseataxidrivers.centralbaku.com" / > "< allow-access-from domain = "*. centralbaku.com" / >< allow-access-from domain = "xoap.weather.com" / > "< / cross-domain-policy >but it not WORK ANY IDEAS?Plese helpHello
Looks like you are trying to access data from a domain (xoap.weather.com) to distance to a source (www.centralbaku.com) domain where your swf file, but you have the cross-domain policy file resides in the area of the source instead of having to your remote domain.
that is when a client hosts content from a particular source domain and that the content makes requests directed to other his, the remote domain would need to host a cross-domain policy file that grants access to the domain of the source, which allows the customer to continue with the transaction.
If this wont work until you get an appropriate cross domain attached to your domain (xoap.weather.com) remote
There are other means such as the use of proxy script that can run a while.
Thank you!
PS: pls mark this message as answered if it helps
-
Graphics required - please help with Spec
-
declare
abc cursor's select empname from emp;
out varchar2 (2000);
Start
I'm looping CBA
output: output = | " ' || i.EmpName | ',';
end loop;
dbms_output.put_line (output);
end;
I want that all the name of the employee of the emp table are saved in variable exit that way
"Rene', 'Kumar',"AEK","Sachin. "
I'm trying to add the name of the employee with the output variable.
The cursor is incomplete the name of an employee in each itaration.
in the 1st itaration the production value will be-"René".
in the 2nd itaration the production value will be - "Rene', 'Kumar '.
and so on.
But when I try to add the '(single cotes) before and after the name he's in trouble.
What I did is;
I'm looping CBA
output: output = | » ' '|| i.EmpName | ',';
end loop;
but it does not work or can tell you how to disable the central point "'(this one)" | i.EmpName | " (this one).
In java, we do this in.
can you tell me how can I get the output deserve.
Concerning
Rajat
Published by: user10235767 on 21 Sep, 2008 01:14To print a quote that you must double and calls then that the double quotes. So 4 citations in a row:
output := output || '''' || i.empname || ''',';Also note, that for the aggregation of the chain, you don't need PL/SQL. A single SQL can do. For example: http://rwijk.blogspot.com/2008/05/string-aggregation-with-model-clause.html
If you follow the link, you will find another - but more slowly - the alternatives.Kind regards
Rob. -
I am tryng to buying music on itunes, but it says security code wrong please help
Hello
I have problems I want tp purchase music on my itunes bt ts always requires the security code that I don't have it please help
Check your card information. If they are correct, try to change or remove your Apple ID - Apple Support payment information
-
Computer stops in normal mode quickly. Do not use in safe mode, because I have no sound or security, please help?
Hello
Could be heat related - try using a small fan to blow into the air intakes to see if that helps.
It is just like it loses power or stop it in the normal way? Keep in mind
This associated heat does not always mean too much heat as it is often a part or a component
who is too sensitive to normal levels even heat.Remove ALL power and reinstall all the memory cards and cables (both ends where possible).
in fact, remove and replace - don't do not just tight. Remove the dust bunnies and clean the
air vents. Check that fans are working (before and after opening the case). When your laptop on all the
You can do is to reinstall the memory and clean the vents (still may try to add a small fan as a
test).This sounds like material so if the above does not help you then probably need help
a real computer store (not the leeks and the glances at a Best Buy or other stores) or the
Support of system Maker.===========================================================
Check with these utilities to see if information may be collected: run BlueScreenView
to see if there were any BlueScreens and verify in MyEventViewer at shutdown
(or a few seconds before) See the event log contains useful information.It is an excellent tool for displaying the blue screen error information
-Free - BlueScreenView scans all your minidump files created during "blue screen of death," collisions
and displays information about all accidents of a table.
http://www.NirSoft.NET/utils/blue_screen_view.html-------------
MyEventViewer can be verified at the time of the blue screen (BSOD) or event within a second
or time of the BSOD or event to provide more information about the possible cause - see TIP.MyEventViewer - free - a simple alternative in the standard Windows Event Viewer.
TIP - Options - Advanced filter allows you to see a period of time instead of the whole of the record-
Set it a bit before and after the time of the event or BSOD.
http://www.NirSoft.NET/utils/my_event_viewer.html------------
AppCrashView - free - a small utility for Windows Vista and Windows 7 which shows details
application of all accidents occurred in your system. The information breaks down is extracted from the
.WER files created by the Windows Error Reporting (WER) of the operating system component of each
time that an accident has occurred. AppCrashView also allows you to easily record the list of accidents to
text/html/csv/xml file.
http://www.NirSoft.NET/utils/app_crash_view.html------------------------------
Also do this so you can see the probable bluescreens. (You may or may not be able to see
them if they occur even after doing this according to the cause.)Windows Vista restarts automatically if your computer encounters an error that requires him to plant.
(also Windows 7)
http://www.winvistatips.com/disable-automatic-restart-T84.html=========================================
What antivirus/antispyware/security products do you have on the machine? Be one you have NEVER
on this machine, including those you have uninstalled (they leave leftovers behind which can cause
strange problems).I hope this helps.
Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle="" -="" mark="" twain="" said="" it="">
-
I have a windows Vista Home Basic that crashed near virus that I had installed avg.free but it has expired now, I bought the new protection but don't know how to install it, please help!
... I bought the new protection but don't know how to install it
Too late now! See...
Cleaning a compromised system
http://TechNet.Microsoft.com/en-us/library/cc700813.aspxPersonal data backup (which none should be considered 100% reliable at this point) then format the HARD disk and do a clean install of Windows. Please note that a repair installation (upgrade AKA on-site) will NOT fix it!
HOW to do a clean install of Vista: section "If you want to reinstall Windows Vista by running a new installation...". "ofhttp://windows.microsoft.com/en-us/windows-vista/Installing-and-reinstalling-Windows-Vista
Once installed the clean, you will have the equivalent of a "new computer" in order to take care of everything on the next page before connecting the machine to the internet or one local network (i.e. other computers) otherwise and before using a flash drive or the SD card that is not brand new, or has not been freshly formatted:
4 steps to help protect your new computer before going online
http://www.Microsoft.com/security/pypc.aspxTip: After getting the computer fully patched, download/install KB971029 manually:http://support.microsoft.com/kb/971029
NB: No matter what Norton or McAfee free trial which is preinstalled on the computer when you bought will be reinstalled (but invalid) when Windows is reinstalled. You MUST uninstall the trial for free AND download/run the removal tool appropriate prior to installing the updates, Windows Service Packs or IE upgrades AND BEFORE installing your new anti-virus application (which will require WinXP SP3 must be installed).
Norton Removal Tool
FTP://ftp.Symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exeMcAfee Consumer product removal tool
http://download.McAfee.com/Products/Licensed/cust_support_patches/MCPR.exeSee also:
Risks & benefits of P2P file sharing
http://www.Microsoft.com/protect/data/downloadfileshare/filesharing.aspx
http://blogs.technet.com/MMPC/archive/2008/10/06/the-cost-of-free-software.aspxMeasures to help prevent spyware
http://www.Microsoft.com/security/spyware/prevent.aspxMeasures to help prevent computer worms
http://www.Microsoft.com/security/worms/prevent.aspxAvoid fake security software!
http://www.Microsoft.com/security/antivirus/rogue.aspx~~~~~~~~~~~~~
If you need help, please start a new thread in this forum: http://social.answers.microsoft.com/Forums/en-US/vistarepair/threads
If these procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a local, good reputation and stand-alone computer (that is, not BigBoxStoreUSA or Geek Squad) repair facility.
~ Robear Dyer (PA Bear) ~ MS MVP (that is to say, mail, security, Windows & Update Services) since 2002 ~ WARNING: MS MVPs represent or work for Microsoft
-
Please help restore the security questions for me.
I'm trying to restore security questions via the website, but there is no success. Please help me to reset for me.
You must ask security team account Apple to reset your security questions. To contact them, click here and choose a method; If this page does not list one for your country or if you are unable to call, complete and submit this form.
(144314)
-
I have not remenber my SECURITY QUESTIONED this ACC, please help me
I have not remenber my SECURITY QUESTIONED this ACC, please help me. I have remenber login pasword.
You must ask security team account Apple to reset your security questions. To contact them, click here and choose a method; If this page does not list one for your country or if you are unable to call, complete and submit this form.
(143383)
-
Hello, I forgot my security questions, I want to change but the need for an aid station. And I do not add a post before rescue. How can I add now? Please help me. TNX.
You can not and need to ask Apple to reset your security questions. To do this, click here and choose a method; If this page does not list one for your country or if you are unable to call, complete and submit this form.
(137646)
-
in a loop of constantly trying to install the latest security update. more and more, please help.
I installed ie8 security was last updated. Now I'm in a 'loop', he says constantly ready to install, I click on install, then I reboot, then he asks the same question again, ready to install, I click Yes then I have to restart, then when windows starts, he asks me once again. Finally I turned automatic updates, so now I have not this propblem. I want to solve this problem, please help me, Greg.
Help us help you: start by reading this post 'sticky '...
What information to post in the Windows Update forum
http://answers.Microsoft.com/thread/1467f44b-ee27-4F7D-98d7-f1c4b35b3395~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For individuals, free support for security updates (only!) is available by calling the 1-866-234-6020 or 1-800-936-5700 to the United States and Canada or by contacting your local Microsoft subsidiary. For more information about how to contact your local Microsoft subsidiary for security-related support questions updates (only!), visit the following Microsoft International Support Web site: http://support.microsoft.com/common/international.aspx?rdpath=4
Visit the Microsoft Solution Center and antivirus security for resources and tools to keep your PC safe and healthy. If you have problems with the installation of the update itself, visit the Microsoft Update Support for resources and tools to keep your PC updated with the latest updates.
(E.g., US & CA) North America customers can also obtain instant access to unlimited no charge by e-mail or chat support for security updates (only!) by visiting the following Microsoft Web site: http://support.microsoft.com/oas/default.aspx?&prid=7552
Maybe you are looking for
-
Installation of windows 8.1 on Lenovo G40-70
Hello I just bought a new Lenovo G40 - 70 a. 8.1 Windows came separately and I need to install. So to start the computer and insert the windows. I then turned off and started with the novo key. I chose to boot from the windows CD or after you enter t
-
I have tried to resolve the error C00D1197 for months and ran into a field that says "to enable all network protocols. How would I do that as this error comes up saying "Windows Media player cannot find the file. If you try to read, burn or sync an
-
HP Officejet 6500 a: HP Officejet 6500 a and Air Print
I use HP OfficeJet 6500 has connected to my network. Works very well. It is also implemented and works with ePrint via email address. Now, I'm trying to get my iPad and iPhone to print via Air Print, but they will not find the printer. All product
-
HP Envy 5530: Switch the remote printer
I have a HP Envy 5530 and I was wondering if it was possible to pass on/remote via my iPad/iPhone? Advice would be greatly appreciated. Thank you guys.
-
Error message "could not start the system event notification service.
Original title: windows s event notification service does not start whwn that my PC is started Hello I'm running on the windows operating system 7, suddenly today I see when my computer starts, he says: 1. windows event notification service does not