Securing JDBC driver applications

Download JDBC driver

Enhancing the security of a Microsoft JDBC Driver for SQL Server application is crucial. Security involves more than avoiding common coding pitfalls. An application that accesses data has many potential failure points that an attacker can exploit. Security failures may allow attackers to retrieve, manipulate, or destroy sensitive data. It's important to understand all aspects of application security. From the process of threat modeling during the design phase to eventual deployment, and continuing through ongoing maintenance.

The articles in this section describe some common security concerns including connection strings, validating user input, and general application security.

In this section

Article Description
Securing connection strings Describes techniques to help protect information used to connect to a data source.
Validating user input Describes techniques to validate user input.
Application security Describes how to use Java policy permissions to help secure a JDBC driver application.
Using encryption Describes how to establish a secure communication channel with a SQL Server database using Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL).
FIPS mode Describes how to use JDBC driver in FIPS-compliant mode.

See also

Overview of the JDBC driver