// use Runtime.getRuntime().totalMemory(), maxMemory() and freeMemory()
// in logging procedure for recording the JVM memory state at the moment of
// error. Use simple equation usedJVMMemory = totalMemory() - freeMemory()
// for calculating amount of used memory.
}
}
Tip
Do not force garbage collection by calling System.gc() too often to release
memory. Trust the intelligence of the modern JVM (Oracle JRockit in particular,
the true core of OFM) and rest assured that it does everything possible to optimize
memory utilization. If your code is far from optimal and contains any of the vulnerabilities
mentioned in the vulnerability analysis at the beginning of this chapter, even the best garbage
collector from JRockit won't be able to turn the tide. Furthermore, even the paramount
perimeter protection around your Service Inventory will just die trying to defend service
compositions.
Although the samples in this paragraph are Java-related (Oracle's strategic language), make
sure that you have proper PL/SQL exception handlers as well. All data handling code
should be in PL/SQL. (This is for a relational DB, of course; for NoSQL, it depends on
the implementation, but the code should stay close to the data.) Use PL/SQL packages for
better modularity and centralization of exception handling (EH). The statements in packages
must be prepared. That's it. These are the most effective measures to make injection attacks
as hard as possible. Oracle provides complete guidance on how to write injection-proof
PL/SQL code. You can find the documentation at
http://www.oracle.com/technetwork/database/features/plsql/overview/how-to-write-injection-proof-plsql-1-129572.pdf .
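The following package is an added illustration of the measures just listed (packaged data access, prepared statements, one central exception handler); it is not code from this book or from Oracle's guide. The package name ORDER_API, the tables ORDERS and ORDERS_ARCHIVE, and the error number -20001 are assumptions made for the example.

```sql
-- Added example; ORDER_API and the ORDERS tables are hypothetical.
CREATE OR REPLACE PACKAGE order_api AS
  FUNCTION count_for_customer(p_customer IN VARCHAR2) RETURN PLS_INTEGER;
  FUNCTION count_rows(p_table IN VARCHAR2, p_customer IN VARCHAR2)
    RETURN PLS_INTEGER;
END order_api;
/
CREATE OR REPLACE PACKAGE BODY order_api AS
  -- Central exception handling: every function reports failures through here.
  PROCEDURE fail(p_where IN VARCHAR2) IS
  BEGIN
    -- A real package would record SQLERRM and the backtrace in a log table
    -- here; the caller only ever sees a generic message.
    RAISE_APPLICATION_ERROR(-20001, 'Request rejected in ' || p_where);
  END fail;

  -- WEAK, shown only for contrast: the value becomes part of the SQL text.
  --   EXECUTE IMMEDIATE
  --     'SELECT COUNT(*) FROM orders WHERE customer = ''' || p_customer || ''''
  --     INTO l_count;

  -- Static SQL: p_customer is bound as data and is never parsed as SQL.
  FUNCTION count_for_customer(p_customer IN VARCHAR2) RETURN PLS_INTEGER IS
    l_count PLS_INTEGER;
  BEGIN
    SELECT COUNT(*) INTO l_count FROM orders WHERE customer = p_customer;
    RETURN l_count;
  EXCEPTION
    WHEN OTHERS THEN fail('count_for_customer');
  END count_for_customer;

  FUNCTION count_rows(p_table IN VARCHAR2, p_customer IN VARCHAR2)
    RETURN PLS_INTEGER IS
    l_count PLS_INTEGER;
    l_table VARCHAR2(130);
  BEGIN
    -- Only tables this API is meant to expose are accepted.
    IF UPPER(p_table) NOT IN ('ORDERS', 'ORDERS_ARCHIVE') THEN fail('count_rows'); END IF;
    -- Identifiers cannot be bound, so the name is checked before it is
    -- concatenated; DBMS_ASSERT raises ORA-44003 for anything else.
    l_table := DBMS_ASSERT.SIMPLE_SQL_NAME(p_table);
    EXECUTE IMMEDIATE
      'SELECT COUNT(*) FROM ' || l_table || ' WHERE customer = :cust'
      INTO l_count USING p_customer;
    RETURN l_count;
  EXCEPTION
    WHEN OTHERS THEN fail('count_rows');
  END count_rows;
END order_api;
/
```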
Message screening - preventing injection attacks
While discussing the attack types, we spent most of the time talking about injections,
because this is the best way to get to your precious data. That's what the attackers want, not
just to crash your system. Some say that repelling DoS
( http://www.cert.org/historical/tech_tips/denial_of_service.cfm ) is the hardest security
task. No, it isn't. It's just the most expensive, but not the hardest. Injections are much
trickier. Why? Because most of the