Process of developing a TCP server for secure communication between an application and a database
| Authors: Marchenko A.V., Vanin A.V. |  |
| Published in issue: #7(48)/2020 | |
| DOI: 10.18698/2541-8009-2020-7-626 | |
Category: Informatics, Computer Engineering and Control | Chapter: Methods and Systems of Information Protection, Information Security |
|
Keywords: TCP server, security, exchange, data, database, application, request, efficiency, development, programming, interaction |
|
| Published: 29.07.2020 | |
The process of developing a TCP server is shown, which serves as an intermediary between the application installed on the client side and the database installed on the server. The task of the server being developed is to process requests, interact with the database and send the resulting result to the application. This mechanism increases the efficiency of protecting the application from the decompilation process, since the code of the client application does not contain a description of the field names and the structure of the database, the probability of information leakage is minimized. The above possibility is achieved due to the fact that requests to the server contain only command names and session identifier, and the names of fields and database structure are described directly in the TCP server core.
References
[1] AppTest. github.com: website. URL: https://github.com/Maratan/AppTest (accessed: 26.02.2020).
[2] Rozhin S.N., Chikalov A.N. Creating client-server for testing program in C#. Trudy Severo-Kavkazskogo filiala MTU svyazi i informatiki, 2016, no. 1, pp. 546–549 (in Russ.).
[3] Krasov A.V., Sharikov P.I. Methods of protection byte code Java-programs from decompilation and theft of source code by an attacker. Vestnik SPbGU tekhnologii i dizayna. Seriya 1. Estestvennye i tekhnicheskie nauki [Vestnik of St. Petersburg State University of Technology and Design. Series 1. Natural and technical sciences], 2017, no. 1, pp. 47–50 (in Russ.).
[4] Gan I.B. query optimization of SQL SERVER. Windows IT Pro, 2016, no. 1, pp. 44 (in Russ.).
[5] Klochek M.S., Perfenova A.S. IP-address. Innovatsionnoe razvitie, 2018, no. 1(18), pp. 17–18 (in Russ.).
[6] Zachem nuzhno logirovanie [Why do you need logging]. javarush.ru: website (in Russ.). URL: http://javarush.ru/groups/posts/2293-zachem-nuzhno-logirovanie (accessed: 26.02.2020).
[7] Lipatov V.S., Rukosuev A.S. TCP/IP sockets. Nauchnye issledovaniya, 2016, no. 9(10), pp. 15–17 (in Russ.).
[8] Bayt. Chto eto takoe [Bite. What is it]. chto-eto-takoe.ru: website (in Russ.). URL: https://chto-eto-takoe.ru/byte (accessed: 26.02.2020).
[9] UTF-8: Kodirovanie i dekodirovanie [UTF-8: coding and decoding]. habr.com: website (in Russ.). URL: https://habr.com/ru/post/138173/ (accessed: 26.02.2020).
[10] Kogda ispol’zovat’ asinkhronnyy ili sinkhronnyy AJAX [When to use asynchronous and synchronous AJAX]. internet-technologies.ru: website (in Russ.). URL: https://www.internet-technologies.ru/articles/kogda-ispolzovat-asinhronnyy-ili-sinhronnyy-ajax.html (accessed: 26.02.2020).