September 26, 2015 at 2:05 pm
I have the solution for President Xi's and President Obama's "economic cybersecurity". It solves application access. It works for law enforcement. There is no better or more powerful or simpler or more secure solution on planet earth.
How can I get it in front of decision-makers?
Sincerely,
Andrew B. Brown
PS. It is an emergency.
PS 2. It consists of 3 pipelines to the database:
Database.Store
Database.Delete
Database.Load
It is as simple as that.
PS. 3. Please hold off all discussions on "cryptoblah" until this solution is reviewed.
September 27, 2015 at 11:00 am
There are two problems with you're good solutions, IMHO...
1. They're usage is not enforceable.
2. They only address a small part of the problem.
--Jeff Moden
September 27, 2015 at 12:16 pm
Jeff Moden (9/27/2015)
There are two problems with you're good solutions, IMHO...1. They're usage is not enforceable.
2. They only address a small part of the problem.
It is a significant part because it funnels all access through a single interface. Easy to use and impossible to screw up. Prevents SQL injection and hides the data table structure. It allows centralized logging and supports any granularity in securing objects.
I am trying to get it communicated to various governmental entities in Texas with the goal of having it as a standard interface to all RDBMS's.
It is powerful as can be and trivial to get it working.
September 27, 2015 at 5:52 pm
andrewbb (9/27/2015)
Jeff Moden (9/27/2015)
There are two problems with you're good solutions, IMHO...1. They're usage is not enforceable.
2. They only address a small part of the problem.
It is a significant part because it funnels all access through a single interface. Easy to use and impossible to screw up. Prevents SQL injection and hides the data table structure. It allows centralized logging and supports any granularity in securing objects.
No doubt you could make it more difficult to "get hacked" but your good method is not able to stop the human trait of making mistakes and poor decisions. Just because there is an interface doesn't stop people from bypassing the interface or even using the interface to get what they want. For example, many of the break-ins that have made the headlines have had nothing to do with an interface. Rather they've been logins that are allowed... by the wrong people because some idiot gave up his login and password. Even habits of people can be exploited to allow a super secure "interface" to be penetrated. Turing proved that in WWII.
--Jeff Moden
September 27, 2015 at 6:14 pm
Jeff Moden (9/27/2015)
andrewbb (9/27/2015)
Jeff Moden (9/27/2015)
There are two problems with you're good solutions, IMHO...1. They're usage is not enforceable.
2. They only address a small part of the problem.
It is a significant part because it funnels all access through a single interface. Easy to use and impossible to screw up. Prevents SQL injection and hides the data table structure. It allows centralized logging and supports any granularity in securing objects.
No doubt you could make it more difficult to "get hacked" but your good method is not able to stop the human trait of making mistakes and poor decisions. Just because there is an interface doesn't stop people from bypassing the interface or even using the interface to get what they want. For example, many of the break-ins that have made the headlines have had nothing to do with an interface. Rather they've been logins that are allowed... by the wrong people because some idiot gave up his login and password. Even habits of people can be exploited to allow a super secure "interface" to be penetrated. Turing proved that in WWII.
I agree. However, it eliminated one source of ambiguity. Then, the more esoteric back doors can be identified and closed.
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply