Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> www access to oracle db - how do you balance security with access?

www access to oracle db - how do you balance security with access?

From: Dennis Taylor <no_spam_dammit_at_ipipeline.net>
Date: 1997/11/27
Message-ID: <01bcfb6b$7cc3a400$65a09384@dennislap>#1/1 







We want our internet web page to have certain forms that allow inquiries
against our internal database. The way I see it, I have these options:



    
  
  1.   The web inquiry program goes through some kind of proxy on our firewall,
directly to our oracle database. The allowable functions are severely
restricted, probably by user and role. (is this enough?)

  
  2.   The oracle database is copied regularly (by some means) to another
server, also on the inside of the firewall. Web access is to this secondary
server, so if it is compromised, our real data isn't affected. (hopefully)

  
  3.   The oracle database is copied regularly to another server that is
*outside* the firewall. Inquiries then happen against that server, and the
firewall isn't involved. The problem here is bandwidth - our database is
significantly big.






We are willing to spend some money to make this work, but not tens of
thousands.



Can anyone give me their experiences with this type of situation? I am also
going to be calling Oracle, but I have the bad feeling that their response
will include "if you buy this product of ours" multiple times, so I need a
reality check.




-- 


---

email address is dtaylor at ipipeline dot net


---

Spammers: Here's some free addresses for you:
rhundt_at_fcc.gov
jquello_at_fcc.gov
sness_at_fcc.gov
rchong_at_fcc.gov


Received on Thu Nov 27 1997 - 00:00:00 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US