Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.tools -> Re: Oracle security

Re: Oracle security

From: Tfidd <tfidd_at_aol.com>
Date: 1997/01/31
Message-ID: <19970131163901.LAA18710@ladder01.news.aol.com>#1/1

There are some methods for doing this. The Military uses "Trusted Systems" that allow unclassified, secret, and top secret data to be stored in both operating systems and data bases that are certified by the NSA. The NSA certification specifies that data at different security levels can not be exchanged or viewed by users of different security levels. It is "Trusted" not to let the wrong people see classified data.

Unix operating systems such as HP-UX have been rewritten so that the functionality of the root account has been split among several different accounts. With Trusted Oracle, you can split the DBA account up into several accounts with only the privileges to do backup and recovery and not allow the DBA to view data. I have done this very thing on another project.

The main disadvantages is the cost related to this type of security. People with the experience in these types of systems are expensive and in high demand by various military and intelligence agencies with big pockets. You can refer to the "Orange Book" produced by either the military or NSA to find out about the functionalities that describe various levels of "Trusted Systems". You may also want to contact your Oracle rep.

Thomas Fidd
US Army AI Center
tfidd_at_aol.com Received on Fri Jan 31 1997 - 00:00:00 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US