Re: Securing data from Database Admin
- From: postmaster <postmaster@xxxxxxxxxx>
- Date: Thu, 27 Mar 2008 16:34:06 -0500
Oracle 11g has added a suite of security functions. Ask your DBA to help you. S/he should not have any issue with helping you secure your data to whatever level you want or need to, including restricting their own access. For instance, you can still patch the database without being able to look at the data and you can still back up and restore data even if it's encrypted.
http://www.oracle.com/database/database-vault.html
http://www.oracle.com/database/advanced-security.html
http://www.oracle.com/technology/deploy/security/database-security/secure-application-roles/index.html
http://www.oracle.com/technology/deploy/security/database-security/virtual-private-database/index.html
http://www.oracle.com/technology/deploy/security/database-security/transparent-data-encryption/index.html
I haven't implemented these in 11g myself and don't have any plans to.
-Mike
WALI wrote:
Is there a way we can secure data within (Oracle 9i) database? Supposingly there is an application developed by internal developers and it's backend database is administered by a DB Admin. There is no segregation of duties between development and live environments due to resource constraints.
Is there a way data can be protected from being revealed to or being tempered by DB Admin? He would only be called in when there's some kind of malfunction that too under the watchful eyes of project team leader.
Any thoughts to bring in preventive/detective controls over DB Admin activities?
- References:
- Re: File sharing with Bittorrent: what possible security threads?
- From: hibbard
- Securing data from Database Admin
- From: WALI
- Re: File sharing with Bittorrent: what possible security threads?
- Prev by Date: Re: Anti-Phishing
- Next by Date: RE: Patching internet facing MS systems
- Previous by thread: Re: Securing data from Database Admin
- Next by thread: Re: DoD aproved disk wiping tool
- Index(es):
Relevant Pages
|
