Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Hsc ipt securing data
1.
2.
3. BACKUP: Copying/storing files onto a secondary storage device
RECOVERY: Retrieving data from backup or restoring data
The need for backups arise when threats such as viruses, data corruption, theft,
hardware/software failure and unreasonable data compromise data.
Therefore regular backups are required.
Backup schemes:
• Full: all files are copied
• Partial: only those that have been newly created or changed are copied
• Incremental Partial: copies files changed since last partial
• Differential Partial: copies files changed since last full
4. Use of Physical
Locks operated by:
Keycard
Biometric Identifiers
(fingerprints)
Passwords
Physical Keys
Climate control
keeps conditions
constant to prevent
damage to hardware
Government data
warehouses would
be in deep bomb
proof bunkers with
armed guards
5. Password: Confidential set of characters that grant access to secure data
Passwords are useful for multi user systems where people who may not have authorization to view particular
parts of the system, can be barred from viewing that confidential data as they do not have clearance in the
form of the password.
Encryption: scrambling data to the point where it is unreadable so that those without the key (the procedure to
decode the encrypted data) to decrypt it may not access the data without authorization
Decryption: decoding the data using a key
Encryption can be Symmetrical (1 key) or Asymmetrical (2 Keys) with the latter being more secure.
6. DBMS View: restricted portions of a database are made available to VIEW only, often it is the output of a
SELECT Query
Often views are used so that data from a DB could be opened by other software applications
Record Locks: locking databases from editing
Pessimistic Locking: first user to edit the record locks the DB and so proceeding users must wait for the first user
to update it before they have a chance to edit it themselves
Optimistic Locking: first user edits the record but the 2 nd user can edit the record and must decide whether to
overwrite or delete their own changes