Chapter 8. Security


In this chapter I will discuss the concept of security. First I'll give you a conceptual framework for your own security policy. If your Oracle installation is new, the following pages will be very important. If your shop is already an Oracle site, what follows will be a good overview. After the introduction, we'll get right to work and build all the parts that will go into your security schema.

Security. What are we trying to protect? First, of course, is your database, or what can be thought of as your system. Second is the data itself. What do we need to protect it from? Primarily your users. In almost all cases, users are not malicious; in fact, any problems that arise are usually much less dramatic. When bad things happen to your data, the cause is almost always purely accidental, a result of insufficient security. Very, very few users have the time or the interest to invest in breaking security, and most users really don't care if you're using an RDBMS or a pile of bricks. What you have to do is protect both your data and your users, including both programming staff and business users.

There are two threats: (1) user mistakes made with no ill intent and (2) deliberate attempts to damage your system. Your security schema, then, has two major tasks: (1) to prevent as well as possible any damage and (2) to recover quickly and accurately when necessary. We will be talking about the first of these: the steps you can take to reduce things such as unauthorized (or inadvertent) access, unauthorized (or inadvertent) update, and fraudulent and/or malicious update. In Chapter 12 we will discuss backup and recovery.

In addition, there must be an overall policy to control passwords, auditing, and the like. This policy must be well thought out to strike the balance between just enough security and ease of work flow for your users. In other words, you could force a password change every seven days, but you will run into some very, very strong opposition.

The preceding is the outline for this chapter. We'll be talking about overall system security, data security, user security, and finally passwords and auditing. Each topic will include the background information you will need in Chapter 9, when you will actually go back to your Oracle server and start creating roles, profiles, and users.



Guerrilla Oracle: The Succinct Windows Perspective
ISBN: 0201750775
Year: 2003
Pages: 84