Abstract:

This article focuses on the best practices necessary to protect the databases behind the Web applications. Web masters, database designers, databases administrators, and database developers should be trained to follow these practices in order to minimize unauthorized database access. Several topics will be discussed, including: access through Web server, indirect access to tables, transaction log versus detailed action log, trash database, files access control, sensitive information changes, and user’s information.