Security

Subscribe to Security content with RSS Syndicate content or email

Reverse byte order of an 8-bit string from big-endian to little-endian

Hi,

I have a situation where I write a character stream to a file. The file content gets signed and the signature is sent to a service provider together with the file content.

views

rating

SHA256 Signing with RSA PSS padding

Hi everyone,

I have a project which requires the sending of JSON messages to an external service provider using REST. The service provider requires the message contents to be signed.

views

rating

Dynamic row-level security

This is a translation of the following article. Thanks @Evgeny Shvarov for the help in translation.

Someone posted a question on DC asking whether it was possible to determine access rights for a particular table row always at runtime, and if it was, how could one do that?
Answer: it is possible and it’s not hard at all.

views

rating

Does or will Caché support RFC 7523

Unless I'm mistaken, 2017.1 doesn't appear to support RFC 7523 (JSON Web Token Profile for OAuth 2.0 Client Authentication and Authorization Grants).  Is that coming in 2017.2?

views

rating

Caché Classes: How to Make a View on a Class to Manage Property Level Security?

Hi, Community!

Suppose I have class A with properties P1 and P2.

I want to introduce class B, which would have same records as Class A, but only  one property - P2.

views

rating

Running the Management Portal pages over HTTPS

Hi,

I'm unable to locate a set of instructions that would allow me to encrypt the traffic to/from the Cache' Management Portal (that is - run it over HTTPS)

views

rating

Webinar Recording: Securing the Management Portal

Do you need to give additional users access to the Management Portal to help maintain and monitor your system? You may be wondering what’s the best way to:

views

rating

Hacking into Caché

Disclaimer: This is not a how to guide and I personally do not do any of the following unless its for penetration testing. It's important to think like a hacker in order to beat them at their own game.

views

rating

A user's Startup Namespace overrides any namespace specified as a csession parameter

Today I helped someone solve a mystery. He had been trying to use the -U namespace argument of a csession command to specify the namespace in which to run a particular routine, and was puzzled when the routine could not be found.

views

rating

views

rating

Security Alerts

Wanna Cry

views

rating

Security handling of Intersystems

How is the security handled in intersystems for GUI and web services testing part ? Does it have inbuilt security handling packages ? what are the limitations ? Please enlighten.

views

rating

Cache Open Authorization Framework (OAuth 2.0) - one year later....

It's almost a year since I have published a series of articles explaining how to configure Cache instance as a client / resource server / authorization server.

views

rating

Featured InterSystems Online Course: Using SAML for Security

Take this online course to learn the basics of SAML (Security Assertion Markup Language), the ways in which it can be used within Caché security features, and some use cases that can be applied to HealthShare productions.

views

rating