Review of Log Messages Database Schema

so i have been tasked to design a log database and i would appreciate some feedback about my design.

I have an application that consists of three basic parts:

  • A frontend
  • A backend
  • A low level component

Each part can create a log message which needs to be stored in a database. The parts(front end, backend, low level component) that create the log messages should be uniquely identified. At the same time when looking at a message it should be possible to see which part created the message.

Each message has a specific type assigned to it and the type can be one of the following destinct values

  • Error,
  • Warning,
  • Info,
  • Debug

The message itself should also be unique, it should have a text that says what is the problem and possibly also a description with extra information about the problem and under which circumstances it could have happened. In addition the time the message was created is very important. Because of the low level component we need microsecond accuracy.

Examples

Message : Pump Failure

Description: The pump is not pumping enough oil. Check the amount of oil and also check the temperature of the system.

Finally there are some extra "requirements" that in my opinion could affect the design of the system: The low level component produces a lot of messages in a short amount of time. This could lead to the database reaching its storage limit relatively fast. In that case the older messages should be deleted first. However there are rules that need to be taken into consideration before deleting a message. An info is less important than a warning and a warning is less important than an error. Another rule is unless I have reached a specific threshold I am not allowed to delete messages of a specific type e.g Only if have more than 500 errors am I allowed to start deleting the older errors.

My current design is the following:

Message     Id (PK)     Name varchar     Description varchar 
MessageType     Id (PK)     Name Varchar 
Sender     Id (PK)     Name Varchar 
MessagesLog     Id (PK)     MessageId (FK)     SenderId (FK)     NotificationTypeId(FK)     Date BigInt 

However taking into consideration these extra requirements and thinking that I will need to do a lot of checking on an application level if certain criteria are fullfiled before i delete a record from the database, i thought about creating a seperate table for each message type:

Message     Id (PK)     Name varchar     Description 
Sender     Id (PK)     Name Varchar 
MessagesLogError     Id (PK)     MessageId (FK)     SenderId (FK)     Date BigInt 
MessagesLogWarning     Id (PK)     MessageId (FK)     SenderId (FK)     Date BigInt 
MessagesLogInfo     Id (PK)     MessageId (FK)     SenderId (FK)     Date BigInt 
MessagesLogDebug     Id (PK)     MessageId (FK)     SenderId (FK)     Date BigInt 

What do you think?

Can you identify telepathically received messages sent through spells like Sending as magical via Detect Magic?

An enemy casts Sending to communicate with a player from far away. In this example, the player character doesn’t know anything about the Sending spell and he might think he is just hearing voices or going crazy.

Another player casts Detect Magic to scan the area. Can this player detect the presence of the telepathic message inside the first players head via Detect Magic as an evocation spell.

How can we communicate short messages long-distance?

In our 5e game, we stole a boat. And a horse carriage. And a lot of other stuff for moving things between cities.

Our DM meant for this to be a way to skip road encounters. We decided to fund a shipping company and hire managers (Knights retainers, etc.) to turn a profit. The DM ruled that these would cover lifestyle expenses, provide us with easy smuggling, etc.

However, we want to keep tabs on the treasure we’re moving back and forth.

What can we use for communicating with our managers from anywhere in the world? What about from say, across the city?

We don’t need to communicate often or for long – a single round will work. All we need is for the manager to say “we need you back”

How to identify why two-factor code SMS messages are never received from certain websites

I have accounts with three financial websites which only offer two-factor authentication codes to be sent via text message or phone call, but when I request codes via text message, the messages are never received. When I choose the phone call option, however, I do receive the call.

Some notes:

  • Requesting codes multiple times does not solve the issue – I never receive any texts.

  • I’ve verified that I have not blocked any phone numbers, either on my phone’s local settings or within my account with my cellular carrier.

  • I can receive codes from all other websites on which I use two-factor authentication and receive codes via text message. This only happens with these three websites. Also, there is no relation between these three sites – they are all for completely separate financial institutions.

  • Reaching out to the customer service/technical support departments of these three websites has not produced any helpful information or solutions.

  • I’ve had this phone number for over 15 years so I’m wondering if at some point my number has inadvertently ended up on an SMS blocked list that these three websites subscribe to.

I want to be able to figure out why this happens and make it so I can receive texts, so that in the event that the phone call option is removed or temporarily unavailable for any of these sites, or I start using a new site which also has this issue but does not offer the phone call option, I won’t lose access to my accounts.

Are there SMS block lists that text messaging services subscribe to? If so, is there a way for someone to find out if their number is blocked? If not, would there be any way to troubleshoot this problem?

how to encrypt and decrypt messages with more than one sender and more than one receiver?

I am creating a chat app. This app contains private messages and channels. These channels include more than one user.

I want to encrypt messages using AES and to transfer the AES key to users of this channel.

I need a secure transport channel so I used diffie hellman. The problem now is how will I get users to generate the same diffie hellman keys so that I can create a shared key which will be the AES encryption key? I have learned the encryption, but between a sender and a receiver only, but here I have more than one sender and more than one receiver.

I had an idea, to make for all users who share the same channel, the same public and private key. Any user who opens the channel takes the public key from the channel and with his own keys he generates the shared key which forms the AES key. user can encrypts and decrypts any message, no matter who sent it, because all users of this channel have the same keys.

Any other ideas?

Note: I am required to use AES encryption but not deffie hellman, so is there another algorithm better than deffie hellman to do this?

How Can I Prevent Hackers From Spoofing TCP messages onto my server?

I have a Python client and server communicating over a TCP socket – they send and receive a certain set of standardized string commands to each other.

How can I prevent a hacker from creating their own client that sends the same kind of string commands (but with their own values) to the server?

Is it right that I can assume the hacker has access to the TCP messages being transmitted/received, but not the individual code that is being executed (if I only give them the executable)?

I’m new to network security and wanted to decide how best to design my network communication scheme.

Idea – I was imagining that I could possibly encrypt the messages before sending and decrypt on the server (assuming the hacker can’t find any of the keys in the source code?). Is this a secure way of going about it and am I on the right track?

Why can’t we encrypt the message with sender’s private key and receiver’s public key in case of sending messages through a server?

I read that why do we need E2EE and can’t rely only on HTTPS for sending messages through a messaging app. The reason which i understood is when sender sends the message to the server, the TLS connection is associated with the server. TLS terminates at the server and whoever controls the server has the ability to view the messages since they are not encrypted.But, In this process when we send a message to the server, we are firstly encrypting the message with sender’s private key and then with server’s public key.

My question is why can’t we encrypt the message with sender’s private key and then receiver’s public key? In this way, even if it reaches server, it won’t be able to view anything since it can only be decrypted using receiver’s private key.

If this is possible, then why do we use methods like Diffie Hellman key exchange?

What could be the reasons for two different OTP messages for the same merchant when we do online transactions through debit card?

While I was doing a transaction (say adding money to one of the mobile wallets) through a SBI debit card, I could see two different OTP messages for different transactions. (Please refer to the image)

Say one time I am adding X amount, So I was getting OTP message from SBI but in the next transaction when I was adding Y amount, I was getting OTP message from BHIM SBI Pay.

What could be the reasons behind it? Is it becuase of the payment gateway (Like PayU,CC Avenue) or somethineg else? Has anyone else observed the OTP message coming in the name of BHIM SBI Pay / SBIPAY? AD-SBIPAY

TM-SBIOTP