Identifying Information

This chapter focused on using the end user’s name as the identifying piece of information. This is certainly the most common case, but you are not restricted to the user’s name. The more information you provide to the database, the more security the database may be able to apply. For example, you can pass the end user’s IP address. Because it is the application, not the end user, that connects to the database, the database has no idea where the user is connecting from. A security policy may use this information to restrict or allow access to database objects.

User authorizations that are known to the application and not to the database can also prove useful to the database. If the user isn’t authenticated to the database, the database may not be able to distinguish between an application administrator and a simple application user.

The application can also authenticate itself to the database by passing an authorization token, such as a password. This is useful in ensuring that users are accessing the database via a specific application. You can concatenate all these items together and place them in the Client Identifier, the secure PL/SQL package, or both. The package allows you to store multiple attributes of multiple data types.
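
One way the package approach described above could look, as an added example that is not code from the book: the package name APP_IDENTITY, the table APP_TOKENS and the "|" delimiter are hypothetical, and the package owner is assumed to have EXECUTE on DBMS_CRYPTO. The application calls set_identity each time it takes a connection for an end user.

```sql
-- Added example; APP_IDENTITY and APP_TOKENS are hypothetical names.
CREATE TABLE app_tokens (
  app_name   VARCHAR2(30) PRIMARY KEY,
  token_hash RAW(20) NOT NULL  -- SHA-1 (strongest hash in 10g DBMS_CRYPTO)
);

CREATE OR REPLACE PACKAGE app_identity AS
  PROCEDURE set_identity (p_app_name  IN VARCHAR2, p_app_token IN VARCHAR2,
                          p_end_user  IN VARCHAR2, p_client_ip IN VARCHAR2,
                          p_is_admin  IN BOOLEAN);
  FUNCTION end_user  RETURN VARCHAR2;
  FUNCTION client_ip RETURN VARCHAR2;
  FUNCTION is_admin  RETURN BOOLEAN;
END app_identity;
/
CREATE OR REPLACE PACKAGE BODY app_identity AS
  -- Body-private, per-session state: only set_identity can write it.
  g_end_user  VARCHAR2(64);
  g_client_ip VARCHAR2(39);
  g_is_admin  BOOLEAN := FALSE;

  PROCEDURE set_identity (p_app_name  IN VARCHAR2, p_app_token IN VARCHAR2,
                          p_end_user  IN VARCHAR2, p_client_ip IN VARCHAR2,
                          p_is_admin  IN BOOLEAN) IS
    l_hash  RAW(20);
    l_match PLS_INTEGER;
  BEGIN
    -- Clear first so a failed call never leaves an earlier identity behind.
    g_end_user := NULL; g_client_ip := NULL; g_is_admin := FALSE;
    DBMS_SESSION.CLEAR_IDENTIFIER;
    IF p_app_token IS NULL THEN
      RAISE_APPLICATION_ERROR(-20001, 'application not authorized');
    END IF;
    l_hash := DBMS_CRYPTO.HASH(UTL_RAW.CAST_TO_RAW(p_app_token),
                               DBMS_CRYPTO.HASH_SH1);
    SELECT COUNT(*) INTO l_match FROM app_tokens
     WHERE app_name = p_app_name AND token_hash = l_hash;
    IF l_match = 0 THEN
      RAISE_APPLICATION_ERROR(-20001, 'application not authorized');
    END IF;
    g_end_user  := p_end_user;
    g_client_ip := p_client_ip;
    g_is_admin  := NVL(p_is_admin, FALSE);
    -- Client Identifier holds at most 64 bytes; keep it to user|ip.
    DBMS_SESSION.SET_IDENTIFIER(SUBSTRB(p_end_user || '|' || p_client_ip, 1, 64));
  END set_identity;

  FUNCTION end_user  RETURN VARCHAR2 IS BEGIN RETURN g_end_user;  END;
  FUNCTION client_ip RETURN VARCHAR2 IS BEGIN RETURN g_client_ip; END;
  FUNCTION is_admin  RETURN BOOLEAN  IS BEGIN RETURN g_is_admin;  END;
END app_identity;
/
```

Any session can change its own Client Identifier with DBMS_SESSION.SET_IDENTIFIER, so access decisions should read the package functions, which only a caller holding the application token can populate; the Client Identifier copy is convenient for auditing.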



Effective Oracle Database 10g Security by Design
ISBN: 0072231300
EAN: 2147483647
Year: 2003
Pages: 111
