Re: Securing data from Database Admin
- From: "Ali, Saqib" <docbook.xml@xxxxxxxxx>
- Date: Thu, 27 Mar 2008 13:17:52 -0700
How about just encrypting the fields in the database? This way the
application and application developers will have access to usable
(i.e. decrypted) data whereas the Database Administrators will only
see encrypted data but will still be able to perform their job
(backup, restore etc).
I was looking into MS SQL's built-in encryption to do something
similar to what you are trying to do. I haven't tried it yet, so I
can't give you the specifics. But I know it works, and you can control
access using AD groups.
saqib
http://doctrina.wordpress.com/
On Thu, Mar 27, 2008 at 11:40 AM, WALI <hkhasgiwale@xxxxxxxxx> wrote:
Is there a way we can secure data within (Oracle 9i) database? Supposingly
there is an application developed by internal developers and it's backend
database is administered by a DB Admin. There is no segregation of duties
between development and live environments due to resource constraints.
Is there a way data can be protected from being revealed to or being
tempered by DB Admin? He would only be called in when there's some kind of
malfunction that too under the watchful eyes of project team leader.
Any thoughts to bring in preventive/detective controls over DB Admin
activities?
--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net
- Follow-Ups:
- Re: Securing data from Database Admin
- From: Ansgar -59cobalt- Wiechers
- Re: Securing data from Database Admin
- References:
- Re: File sharing with Bittorrent: what possible security threads?
- From: hibbard
- Securing data from Database Admin
- From: WALI
- Re: File sharing with Bittorrent: what possible security threads?
- Prev by Date: RE: Pen tester
- Next by Date: RE: DoD aproved disk wiping tool
- Previous by thread: Securing data from Database Admin
- Next by thread: Re: Securing data from Database Admin
- Index(es):
Relevant Pages
|
