PRESENTS Vitess security audit In collaboration with the Vitess maintainers, Open Source Technology Improvement Fund and The Linux Foundation Authors Adam Korczynski David Korczynski Creative Commons 4.0 (CC BY 4.0) Vitess Security Audit, 2023 Table of contents Table of contents 1 Executive summary 2 Notable findings 3 Project Summary 4 Audit Scope 4 Threat model formalisation 5 Conclusions 40 1 Vitess Security Audit, 2023 Executive summary In March and April 2023, Ada Logics carried out a security audit of Vitess. The primary focus of the audit was a new component of Vitess

TiDB Audit Plugin User Guide August 4, 2022 TiDB Audit Plugin User Guide Introduction The TiDB audit plugin records the TiDB server’s activities that are expected to follow auditing regulations of describes how to compile, package, and use the audit plugin. Download the plugin You can download the plugin on TiDB Enterprise Edition Downloads. Deploy the audit plugin After downloading the plugin, you TiUP to deploy the audit plugin. Use TiDB Operator to deploy the plugin Configure TidbCluster CR. tidb: additionalContainers: - command: - sh - -c - touch /var/log/tidb/tidb-audit.log; tail -n0 -F

получении запроса на соединение процесс сервера удостоверяет пользователя по базе данных безопасности (security database). После успешного удостоверения сервер разрешает приложению (пользователю) произвести безопасности, то даже хорошее шифрование становится немного больше, чем “безопасностью по неясности” (security by obscurity). 4.2.2. Ограничение распространения данных Некоторые просят шифровать данные базы “безопасности по неясности” Предлагаются и различные другие формы “безопасности по неясности” (security by obscurity). Например, специальные события, возникающие в моменты входа/подключения и отключения

Firebird File and Metadata Security Geoff Worboys Version 0.6, 30 June 2020 Table of Contents 1. Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 7. Acceptable Low Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page and don’t know about Firebird, see this link: www.firebirdsql.org This article discusses the security of Firebird database files and in particular access to the metadata stored in those files. It has

database auditing and the audit plugin 1 Obtain the database auditing feature 2 The range of database auditing 2 The events of database auditing 3 Recorded information in audit logs 5 General information information 6 Audit operation information 7 Audit log filters and rules 7 Filters 8 Filter rules 9 File formats of audit log 10 Rotation of audit log 11 The number and duration for reserving audit logs 11 11 Audit log redaction 11 System tables 11 mysql.audit_log_filters 11 mysql.audit_log_filter_rules 12 System variables 13 tidb_audit_enabled 13 tidb_audit_log 14 tidb_audit_log_format 14 tidb

..................................................................................... 11 5.1.6. Audit Trails .......................................................................................... ......................................................................................... 18 7. Security ............................................................................................... ...................................................................... 41 10.3.2. zumero_define_audit_table() ...................................................................... 41 10.4. Adding conflict

Translator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Sharding Audit Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311 4.4 Error Code . . . . Dis‐ tributed Trans‐ action Transactional capability is key to ensuring database integrity and security and is also one of the databases’core technologies. With a hybrid engine based on XA and BASE trans‐ ShardingSphere provides distributed transaction capabilities on top of standalone databases, enabling data security across underlying data sources. Read/write Split‐ ting Read/write splitting can be used to cope

Translator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 Sharding Audit Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 Data Masking Algorithm Implementation classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 10.5 SQL Audit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 10.5.1 ib ut ed T ra ns ac ti on Transactional capability is key to ensuring database integrity and security and is also one of the databases’core technologies. With a hybrid engine based on XA and BASE transac‐