Timothy Dyck

Organizations using XML-formatted data and struggling with ways to keep mounting XML data collections under control will find Software AGs Tamino XML Server 4.1.1 an effective tool. The software let eWEEK Labs store XML data directly in the database, optionally verifying its conformance to an XML Schema document structure, and then let us query the […]

Choose mainstream operating systems and databases. Consolidate around operating systems and databases that will run as large a percentage of your application set as possible. Use portable APIs and generic SQL ANSI C with POSIX, Java, Web scripting languages, Perl and .Net Framework languages all provide portability insurance. Make a policy of preferring generic SQL […]

There are now three significant players in the Web application firewall space, a field that I think offers the best approach to protecting Web applications from attack. Teros (former Stratum8 Networks) separates its Teros-100 Application Protection System offering from Sanctums AppShield and KaVaDos InterDo, by shipping it as a 1U rack appliance for ease of […]

At Microsofts VSLive conference in San Francisco last week, the company released betas of five packaged Web applications written for ASP.Net. Each is free to download and can be modified as desired. The applications will go gold later this year. The five applications are a Web-based community site, a time-tracking application, a generic database reporting […]

With a French dictionary and a guide to grammar on hand, someone would be able to figure out that the French phrase “Couper la poire en deux” translates to “Divide the pear in two” in English. What it actually means is to meet someone halfway, something quite different. As AltaVista Co.s Babel Fish translation site […]

The ability to quickly receive a graph from a colleague and then manipulate it directly from a Web browser is a great decision-making aid. Spotfire Inc.s Spotfire DecisionSite Posters 7.1.1 does just that, providing a Web portal and slim Web-based client for the companys DecisionSite data analysis and charting server. In eWEEK Labs tests using […]

Last month MySQL rolled out preview versions of the next release of its namesake database, as well as its upcoming MySQL Control Center, a Linux and Windows graphical administration tool. MySQL 4.1, now in alpha (only source code is downloadable), gains subselect and subquery support. In so doing, it removes a major source of SQL […]

The Open Web Application Security Project, a collaborative security education site, has released a list of the top 10 vulnerabilities in Web applications. The list, at www.owasp.org, is clearly written and full of real problems—with a variety of matching solutions. Heres the vulnerabilities list followed by eWEEK Labs recommendations. 1. Unvalidated Parameters Nothing client computers […]

Microsoft and IBM were the main backers behind six new specification drafts released last month that provide more sophisticated Web services security. WS-Trust (Web Services Trust) provides a challenge-response-based framework for exchanging security identifiers between a Web services client and server and for third-party authentication servers to arbitrate this process. WS-SecureConversation describes how a Web […]

Datawatch Corp.s new VorteXML Server 1.0, which started shipping last month, provides a flexible template-based system to extract data from the straw of undifferentiated text files and turn it into XML gold. The servers sweet spot is with organizations that have collections of plain-text or HTML files (such as invoices, reports, confirmation e-mail messages or […]