Disclaimer - Alliance Digital Repository

More documents

Recommendations

Info

23 making sure their servers, especially those exposed to the Internet, are properly patched (Westman, 2002; Alapati, 2003, sec. 1, par. 27). Given that many businesses use databases for the storage of critical information, and new requirements of both laws and governments require increased security of this data, it is important to take the necessary actions to ensure security (Fernandez-Medina & Piattini, 2005). Beynon-Davies (2004) suggests that the primary way of securing database systems is by defining a set of authorized users of the entire system, or more commonly, parts of the database. In order to prevent hacking attempts on default user accounts of the RDBMS, Oracle Corporation recommends that all default user accounts are locked and expired, with the exception of the SYS and SYSTEM account (Alapati, 2003, sec. 1, par. 3). Alapati (2003, sec. 1, pars. 4, 5, 7, 27) also suggests the following to secure a database: • Do not hard-code user passwords in scripts, but rather use a password file. • Force users to change passwords in a timely fashion. • Perform frequent checks of the audit trail for signs of logins as SYSDBA and unsuccessful attempts to log in to the database. • Keep current on new security vulnerabilities and patch accordingly. While securing the perimeter of a network with a firewall will protect the database from external threats, using these suggestions is a good step in protecting the database from risks from the network inside the firewall (Alapati, 2003, sec. 1, par. 1, 22).
24 Conclusion: Developing a Web-based application can be of significant value for an organization. The Internet has had a profound impact on businesses where Web technology usage has increased (Standing, 2002; Suh 2005). Through the use of serverside scripting languages, such as ColdFusion, ASP.NET or PHP, it is now easier for organizations to use the Internet to host Web-based applications. Organizations often use some sort of RDBMS system to store critical data and Web technologies allow them Web-based access to their data (Brooks-Bilson, 2003). Many of the server-side scripting languages provide for rapid development of Web-based applications. Since the Web is a new medium for application development, there are few software development methodologies dedicated to developing Web-based applications. Howcroft & Carroll (2000) presented a four phase methodology designed for Web applications. Traditional methodologies, for example the Waterfall methodology, the Spiral methodology and the Prototyping methodology, may be adapted for Web-based applications. Critical to the success and acceptance of a Web site and application is the design, especially in the area of navigation and menu design (Chen & Yen, 2004; Huizingh, 2000; Yu et al., 2001). Due to the open design of the Internet there exists a lax in security (Soh & Young, 1998) so measures need to be taken to insure that the application and its database (data) are secure against risks both internal and external to the organization.
Page 1 and 2: Regis University School for Profess
Page 3 and 4: Regis University School for Profess
Page 8 and 9: An Abstract of a Project/Practicum
Page 10 and 11: Table of Contents Chapter 1 - Intro
Page 12 and 13: List of Figures Figure 1 - Web Appl
Page 14 and 15: 1 Chapter 1 - Introduction Statemen
Page 16 and 17: 3 ARC needed this repository for al
Page 18 and 19: 5 Summary: Affordable Residential C
Page 20 and 21: 7 Chapter 2 - Review of Literature
Page 22 and 23: 9 management capabilities (Chen and
Page 24 and 25: 11 administration (Beynon-Davies, 2
Page 26 and 27: 13 successful which relate to the s
Page 28 and 29: 15 Developer’s Guide”, n.d.). D
Page 30 and 31: 17 subsystems that were previously
Page 32 and 33: 19 incorporated into a collection o
Page 34 and 35: 21 with Web-based applications in m
Page 38 and 39: 25 Research methods to be used: The
Page 40 and 41: 27 concerning the security of their
Page 42 and 43: 29 Chapter 3 - Methodology Life Cyc
Page 44 and 45: 31 was the custom built application
Page 46 and 47: 33 Lead Assignment: The procedure A
Page 48 and 49: 35 Review of deliverables: The deli
Page 50 and 51: 37 When the project began ColdFusio
Page 52 and 53: 39 MX licenses, as well as the othe
Page 54 and 55: 41 Figure 7 - Required Lead Informa
Page 56 and 57: 43 ColdFusion for their internal in
Page 58 and 59: 45 All of the tables were created w
Page 60 and 61: 47 After numerous revisions the own
Page 62 and 63: 49 If a user forgets their password
Page 64 and 65: 51 Figure 18 - Create Profile Page
Page 66 and 67: 53 want to delete. When the profile
Page 68 and 69: 55 Figure 25 - Show Leads Page (Dar
Page 70 and 71: 57 Figure 28 - Lead Documents Page
Page 72 and 73: 59 When the user closes a lead they
Page 74 and 75: 61 Since certain users are allowed
Page 76 and 77: 63 FORGOT_PWD table. In addition, n
Page 78 and 79: 65 in a module or changes to a modu
Page 80 and 81: 67 stored procedure would parse the
Page 82 and 83: 69 Using the Internet site of ARC a
Page 84 and 85: 71 hesitant to use the application
Page 86 and 87:
73 management. There was not any da
Page 88 and 89:
75 Summary of results: This project
Page 90 and 91:
77 Chapter 5 - Lessons Learned and
Page 92 and 93:
79 What would have been done differ
Page 94 and 95:
81 logic that is currently in the f
Page 96 and 97:
83 Although the project met initial
Page 98 and 99:
85 Liao, Shu-Hsien (2005). Expert s
Page 100 and 101:
Appendix A 87
Page 102 and 103:
89 Appendix C Design and Implementa
Page 104 and 105:
91 The Internet as a Portal Can be
Page 106 and 107:
93 Components of a Database backed
Page 108 and 109:
95 Web Methodologies Web applicati
Page 110 and 111:
97 Project History Application Req
Page 112 and 113:
99 ARC’s Design Idea Final Design
Page 114 and 115:
101 Application Features Automatic
Page 116 and 117:
103 Next Evolution of the Project
Page 118 and 119:
105 Annotated Bibliography .NET Fra
Page 120 and 121:
107 design; and specific logical de
Page 122 and 123:
109 This website defines a relation
Page 124 and 125:
111 Standing, Craig (2002). Methodo
show all

Disclaimer - Alliance Digital Repository

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?