Call for Oracle support & training (800) 766-1884
Free Oracle Tips

Home
Corporate Oracle Training
Custom Oracle Training
Oracle New Features Training
Advanced Oracle DBA Classes
Oracle Tuning Courses
Oracle Tips & Tricks
Oracle Training Links
Oracle Training Links
Oracle Training Links

We are top for USA Oracle Training Clients

 

Free Oracle Tips


 
HTML Text AOL

Free Oracle App Server Tips


 
HTML Text

Oracle support

Oracle training

Oracle tuning

Rednecks!

Remote Oracle

Custom Oracle Training

 

   
  Oracle Tips by Burleson

Chapter 4 General Oracle Security

update
    app_users
set
    userpass = get_app_password ('newpass1')
/

Another way is to create a procedure that accepts the user ID and password, and then inserts into the table directly. That way, the user who executes the procedure does not even know which table contains the passwords.

Note an important concept here – the user executing the procedure is not aware of the table behind the authentication or the authentication keys. This offers tremendous security advantages and a flexible password management framework for application users.

HIPAA requires that all users, whether they connect through the database or the application, should be securely authenticated. Until now, there was no proper way of authenticating the application users who were not database users. Using these password management utilities, this requirement can be easily fulfilled.

Action Item: Identify if there are some applications that use authentication via passwords stored in tables. Change the method to the secured method described here.

Definer and Invoker Rights

In the program-based security model, we discussed a way the internal tables and other objects can be hidden from the view of the user who calls the procedure. Let's revisit that quickly.


The above text is an excerpt from:

Oracle Privacy Security Auditing

The Final Word on Oracle Security

 

This is the only authoritative book on Oracle Security, Oracle Privacy, and Oracle Auditing written by two of the world’s leading Oracle Security experts.

This indispensable book is only

$39.95

 and has an immediate download of working security scripts:

 

http://rampant-books.com/book_2003_2_audit.htm



 
 
 
 

Oracle performance tuning book

 

 

Oracle performance tuning software

 
Oracle performance tuning software
 
Oracle performance Tuning 10g reference poster
 
Oracle training in Linux commands
 
Oracle training Excel
 
 
 
 

 

email BC:


Copyright © 1996 -  2014 by Burleson Inc. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.