Call for Oracle support & training (800) 766-1884
Free Oracle Tips

Home
Corporate Oracle Training
Custom Oracle Training
Oracle New Features Training
Advanced Oracle DBA Classes
Oracle Tuning Courses
Oracle Tips & Tricks
Oracle Training Links
Oracle Training Links
Oracle Training Links

We are top for USA Oracle Training Clients

 

Free Oracle Tips


 
HTML Text AOL

Free Oracle App Server Tips


 
HTML Text

Oracle support

Oracle training

Oracle tuning

Rednecks!

Remote Oracle

Custom Oracle Training

 

   
  Oracle Tips by Burleson

Chapter 4 General Oracle Security

no authorization to look into the database, but are not necessarily hackers.

HIPAA rules specify that the database be accessible only by authorized users. All users without any authorization to the database, whether they are benign, like a curious internal employee, or a jumpy teenage hacker trying to prove his coming of age to his girlfriend, or malignant hackers trying to steal credit card and health information with the intent to profit from it, should find access to the database very difficult. Object masquerading will help to prevent disclosure of protected information to these types of intruders.

If possible, use a misleading name for tables and columns containing sensitive data to fool intruders. This follows the principle of "Security by Obscurity"!

Profile-Based Security

We discussed the use of profiles in the password section. However, in addition to the password enforcement functions, profiles can be used to enforce the HIPAA security requirements very effectively. The law says that you have to make adequate arrangements to ensure that malicious persons do not abuse connections to the database.

The following parameters can be controlled by profile.

sessions_per_user

 – Hackers typically break into the database using a username, not by stealing the SYS password. Internal employees also break into the database using a user id they already know. In the case of lax users, the password may be stolen and the hackers may use their password.


The above text is an excerpt from:

Oracle Privacy Security Auditing

The Final Word on Oracle Security

 

This is the only authoritative book on Oracle Security, Oracle Privacy, and Oracle Auditing written by two of the world’s leading Oracle Security experts.

This indispensable book is only

$39.95

 and has an immediate download of working security scripts:

 

http://rampant-books.com/book_2003_2_audit.htm



 
 
 
 

Oracle performance tuning book

 

 

Oracle performance tuning software

 
Oracle performance tuning software
 
Oracle performance Tuning 10g reference poster
 
Oracle training in Linux commands
 
Oracle training Excel
 
 
 
 

 

email BC:


Copyright © 1996 -  2014 by Burleson Inc. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.