Search Results

Search found 3707 results on 149 pages for 'secure'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 3/149 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Google I/O 2012 - Writing Secure Web Apps and Chrome Extensions

    Google I/O 2012 - Writing Secure Web Apps and Chrome Extensions Jorge Lucangeli Obes Today, a carefully developed web app can boast a high level of security, by taking advantage of several technologies: HTML5, CSP, NaCl, and the Chrome extension framework. The objective of this session is to show how these technologies allow a developer to create a web app that rivals or exceeds a desktop app in features, while remaining more secure than its desktop counterpart. For all I/O 2012 sessions, go to developers.google.com From: GoogleDevelopers Views: 46 1 ratings Time: 56:16 More in Science & Technology

    Read the article

  • Good Introductory Books on Writing Secure Software

    - by cosmic.osmo
    What are some good introductory books about writing secure software? Specifically, one that covers basic strategies and design patterns for writing a secure software and surveys common security vulnerabilities, how they're exploited, and how you can protect against them. Personally, I've picked up bits of security know-how here and there over my career, but now I'd like a more systematic overview.

    Read the article

  • Good quality Secure Software Development Training [closed]

    - by Patrick
    Just had my annual appraisal and found out my company is willing to pay for training and exams etc! Woohoo (they kept that one quiet). I'm interested in doing a course on secure development techniques. Has anyone got any suggestions for good quality distance learning courses in secure development (I could probably get a couple of days off to attend a conference/ course if required)? We're mostly an MS .Net house but I have no particular allegiance to MS or any other programming language (though, obviously, C++ is the best language in the world). I have 12 years development experience working in (what are now) PCI:DSS environments, including designing and developing a key management system and I have some knowledge of basic attacks (XSS, injection etc). I would prefer a hard course I struggle with to a basic course I learn 3 things from (but hopefully get something right at my level). A quick google found these two course which look good: http://www.sans.org/course/secure-coding-net-developing-defensible-applications https://www.isc2.org/csslpedu/default.aspx I don't really know how to choose between them, and finding other courses isn't going to make that job any easier, so I thought I'd ask those who know. EDIT : Hmm, care to share the reason for your down vote, will help me learn how to use the site better...

    Read the article

  • /var/log/secure user activity. also, httpd can not start without two users

    - by user52869
    hello, i found some strange informations in /var/log/secure file: Feb 10 02:02:04 server2364 usermod[30750]: unlock user `username1' password Feb 10 02:02:04 server2364 usermod[30811]: lock user `username2' password Feb 10 02:05:16 server2364 usermod[30992]: unlock user `username2' password Feb 10 02:05:18 server2364 usermod[31114]: unlock user `username1' password username1 and username2 are two usernames on system, that have no ability to login. for every night in 02:02h results like that are in /var/log/secure file. one more thing: files /etc/shadow, and /etc/shadow have timestamps 02:05h. what can be cause for it? next thing, if i remove those two accounts (username1 and username2), i can not start web server. can you help me with some ideas, am i hacked?

    Read the article

  • Is osTicket secure/private enough

    - by Andy
    I was going to use osTicket as my 'help desk' for my website, however I just got a little bit concerned when I realised that the clients' login details to see their support tickets are only their email address and a ticket ID. I am probably going over the top with security though, which is why I wanted to get some second opinions on how secure osTicket actually is and whether I should use it with my website. I run a software company, so chances are licence keys may be included in support tickets which are obviously sensitive information and valuable - so I want to ensure that the likelihood of a support ticket being hacked is very low. If there is any plugins/additions to make osTicket more 'secure', I would appreciate it if you could point me to them. Otherwise if there are any more free, more suited, help desk softwares out there please let me know. Thanks in advance

    Read the article

  • Secure Deployment of Oracle VM Server for SPARC - updated

    - by Stefan Hinker
    Quite a while ago, I published a paper with recommendations for a secure deployment of LDoms.  Many things happend in the mean time, and an update to that paper was due.  Besides some minor spelling corrections, many obsolete or changed links were updated.  However, the main reason for the update was the introduction of a second usage model for LDoms.  In a very short few words: With the success especially of the T4-4, many deployments make use of the hardware partitioning capabilities of that platform, assigning full PCIe root complexes to domains, mimicking dynamic system domains if you will.  This different way of using the hypervisor needed to be addressed in the paper.  You can find the updated version here: Secure Deployment of Oracle VM Server for SPARCSecond Edition I hope it'll be useful!

    Read the article

  • Books or guides regarding secure key storage and database encryption

    - by Matty
    I have an idea for a SaaS product I want to create, however, this product will store extremely sensitive data that needs to be encrypted at rest. The trouble is not so much the encryption, but the problem of securely storing the keys so that in the event the server was somehow compromised, the keys couldn't just be recovered and used to decrypt the database. Are there any decent books to guides regarding database encryption, and in particular secure key storage? This seems to be a less than straightforward topic and something that is difficult to get right. I'm seeing multiple ways to attack such a system, but unable to come up with one that is secure enough to store highly confidential information.

    Read the article

  • Friday Spotlight: Oracle Secure Global Desktop and amitego VISULOX

    - by Chris Kawalek
    Happy Friday! Our spotlight this week is a screencast about a fantastic solution that takes the security model of Oracle Secure Global Desktop and adds even more features. If you work in environments where you need to have a video record of users' interactions with applications, or need to ensure that two users can remotely work on the same session (a worker entering data in a form from one workstation and a manager typing an authorization code from another, for example), amitego VISULOX can do this and a lot more. It's built on top of Oracle Secure Global Desktop, so you get all of the great features there, plus additional unique security related features provided by VISULOX. Click the thumbnail below to watch the screencast. We'll see you next week! -Chris 

    Read the article

  • Identify "non-secure" content IE warns about [on hold]

    - by Doug Harris
    As many know, if you serve a page over https and the content loads resources (images, stylesheets, js, SWF objects, etc) over http, older versions of Internet Explorer will show the user a warning saying "This page contains both secure and non-secure items". This is discomforting to many non-technical users. Usually, I can look at the HTML source and identify which item(s) are triggering this error. Sometimes a Flash object will load something else or some embedded javascript will put a new object in the DOM and trigger this. What tools are good for quickly tracking down the source of the warning?

    Read the article

  • What's New in Oracle Secure Global Desktop 5.1 webcast

    - by Chris Kawalek
    We have a really exciting webcast coming up for you this week that will tell you all about what's new in Oracle Secure Global Desktop 5.1. Hosted by Andy Hall, you will learn all the exciting features in this brand new release! What's New in Oracle Secure Global DesktopThursday, November 7, 9AM Pacific TimeRegister now. If you'd like a sneak peek, hop on over to the Fat Bloke Sings, where Fat Bloke goes into detail on some of the new features. My favorite is accessing your applications (or even full desktops) from SGD using just the Chrome web browser. In this graphic, Fat Bloke is running Oracle Linux via SGD and accessing with Chrome on the Mac. This required no installation on the client, no dependencies on any other software, nothing -- just open up Chrome, login, and all of your stuff is there. Very cool.  We hope to see you on Thursday! -Chris 

    Read the article

  • Rendering of Oracle Secure Global Desktop's Administration Console on Modern Browser Versions

    - by Mohan Prabhala
    For customers using Oracle Secure Global Desktop version 4.6x, one of the issues reported is the improper rendering of the administration console when using modern browser versions such as Safari 5, Firefox 4+ or Internet Explorer 9. We are pleased to provide a fix for use of these modern browser versions when using Oracle Secure Global Desktop 4.6x. Please refer to Doc ID 1367923.1 on My Oracle Support. The solution involves a new .jar file, oracletheme.jar and following a few simple instructions. Download the new oracletheme.jar to /tmp and backup the existing one located at  /opt/tarantella/webserver/tomcat/<tomcat_ver>/webapps/sgdadmin/WEB-INF/lib/oracletheme.jar Stop the webserver  /opt/tarantella/bin/tarantella stop webserver Copy the new oracletheme.jar to the correct directory cp /tmp/oracletheme.jar /opt/tarantella/webserver/tomcat/<tomcat_ver>/webapps/sgdadmin/WEB- INF/lib/oracletheme.jar Verify permissions for the file -rw-r----- 1 root ttaserv 280449 Sep 9 2010 oracletheme.jar Finally, restart the webserver /opt/tarantella/bin/tarantella start webserver

    Read the article

  • secure boot windows 8 issues it hates ubuntu :(

    - by Steven Brown
    im running into issues with windows 8. ok so i disabled secure boot from my laptop. i tell it to launch from my USB with ubuntu installed on it and it wont boot. just simply light my screen and darken it. iv google the fire out of this and no use so im asking for help. im useing ubuntu 13.04. more details: well i have tryed to boot another OS (zorin) and it hates it too. i dont know why my secure boot wont shut off. if it helps i have a HP 2000.

    Read the article

  • How do I code Citrix web sites to use a Secure Gateway (CSG)?

    - by RAVolt
    I'm using Citrix's sample code as a base and trying to get it to generate ICA files that direct the client to use their Secure Gateway (CSG) provider. My configuration is that the ICA file's server address is replaced with a CSG ticket and traffic is forced to go to the CSG. The challenge is that both the Citrix App Server (that's providing the ICA session on 1494) and the CSG have to coordinate through a Secure Ticket Authority (STA). That means that my code needs to talk to the STA as it creates the ICA file because STA holds a ticket that the CSG needs embedded into the ICA file. Confusing? Sure! But it's much more secure. The pre-CSG code looks like this: AppLaunchInfo launchInfo = (AppLaunchInfo)userContext.launchApp(appID, new AppLaunchParams(ClientType.ICA_30)); ICAFile icaFile = userContext.convertToICAFile(launchInfo, null, null); I tried to the SSLEnabled information to the ICA generation, but it was not enough. here's that code: launchInfo.setSSLEnabled(true); launchInfo.setSSLAddress(new ServiceAddress("CSG URL", 443)); Now, it looks like I need to register the STA when I configure my farm: ConnectionRoutingPolicy policy = config.getDMZRoutingPolicy(); policy.getRules().clear(); //Set the Secure Ticketing Authorities (STAs). STAGroup STAgr = new STAGroup(); STAgr.addSTAURL(@"http://CitrixAppServerURL/scripts/ctxsta.dll"); //creat Secure Gateway conenction SGConnectionRoute SGRoute = new SGConnectionRoute(@"https://CSGURL"); SGRoute.setUseSessionReliability(false); SGRoute.setGatewayPort(80); SGRoute.setTicketAuthorities(STAgr); // add the SGRoute to the policy policy.setDefault(SGRoute); This is based on code I found on the Citrix Forums; however, it breaks my ability to connect with the Farm and get my application list! Can someone point me to an example of code that works? Or a reference document?

    Read the article

  • A few tips on deploying Secure Enterprise Search with PeopleSoft

    - by Matthew Haavisto
    Oracle's Secure Enterprise Search is part of PeopleSoft now.  It is provided as part of the Peopltools platform as an appliance, and is used with applications starting with release 9.2.  Secure Enterprise Search is a rich and powerful search product that can enhance search and navigation in PeopleSoft applications.  It also provides useful features like facets and filtering that are common in consumer search engines.Several questions have arisen about the deployment of SES and how to administer it and insure optimum performance.  People have also asked about what versions are supported on various platforms.  To address the most common of these questions, we are posting this list of tips.Platform SupportSES 11.1.2.2 does not support some of the platforms supported by PeopleTools, such as Windows 2012 and AIX 7.1. However, PeopleSoft and SES can use different operating system platforms when SES is deployed on a separate machine.SES 11.2.2.2 will have the required platform support for PT 8.53 in the future. We are planning to certify PT 8.53 once the testing is complete in 8.54 development and all platform support is released for 11.2.2.2.ArchitectureWe recommend running SES on a separate machine (from your apps) for two reasons:1.    SES bundles specific WebLogic, Java, and Oracle DB versions and might need different OS patches at a minimum than PeopleSoft. By having SES run on a different machine, these pre-requisites can be managed better through their lifecycle independenly for PeopleSoft and SES.2.    SES is resource intensive - it runs it's own WebLogic and Oracle database. By having SES run on its own machine, sufficient resources can be allocated to SES and free the PeopleSoft servers from impacts of SES load patterns.We will be providing a comprehensive red paper covering PeopleSoft/SES administration in the near future, but until that is published, we'll post tips on this blog.

    Read the article

  • Accessing Secure Web Services from ADF Mobile

    - by Shay Shmeltzer
    Most of the enterprise Web services you'll access are going to be secured - meaning they'll require you to pass a user/password in order to get to their data.  If you never created a secured Web service, it's simple in JDeveloper! For the below video I just right clicked on a Java class that I exposed as a Web service, and chose  "Web Service Properties" and then checked the "oracle/wss_username_token_service_policy" box from the list of options (that's the option supported by ADF Mobile right now): In the demo below we are going to use a "remote" login server that does the authentication of the user/pass.The easiest way to "create" a remote login server is to create a "regular" web ADF application, secure it, and deploy it on a server. The secured ADF application can just require ADF Authentication with a simple HTTP Basic Authentication - basically the next two images in the Application->Secure->Configure ADF Security menu wizard. ok - so now you have a secured ADF application - deploy it on a server and get the URL for that application.  From this point on you'll see the process in the video which deals with the configuration of your ADF Mobile app. First you'll need to enable security for your ADF mobile application, so it will prompt users to provide a user/pass combination. You'll also need to configure security on specific features. And you can have them use remote login pointing to your regular secured ADF application. Next define your Web service data control. Right click on the web service data control to "define Web Service Security". You'll also need to define the adfCredentialStoreKey property for the Web Service data control in the connections.xml file. This should be it. Here is the flow: If you haven't already - you can read more about this in the Mobile developer guide, and Andrejus has a sample for you.

    Read the article

  • CVE-2011-3192 and CVE-2011-0419 affect Oracle Secure Global Desktop

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-0419 Resource Management Errors vulnerability 4.3 Apache HTTP Server Oracle Secure Global Desktop 4.62 CVE-2011-3192 Resource Management Errors vulnerability 7.8 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • How Secure Are Your ID Cards From Counterfeiting

    ID cards are increasingly used by organizations as a key component of their security infrastructure. As such, there is an increasing concern that ID cards are secure so that they can NOT be fraudulen... [Author: Edmond Shi - Computers and Internet - May 23, 2010]

    Read the article

  • Open Source PHP based secure file download script?

    - by SiddharthP
    Basically I need a self hosted solution where I as the admin can create client areas (which can be simple folders) where I upload files and secure them with username / pass. A client page will then be automatically generated which the client can access the username / pass and download the files. It's relatively simple script but i'm having a hard time finding open source solutions which accomplish what i need. Any help would be appreciated.

    Read the article

  • How to Secure your SQL Azure Application

    Developers targeting the SQL Azure platform should make sure their applications are secure. This article walks through the considerations developers need to keep in mind when designing SQL Azure applications. The Future of SQL Server Monitoring "Being web-based, SQL Monitor enables you to check on your servers from almost any location" Jonathan Allen.Try SQL Monitor now.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >