Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Clarifying my original Q about 'Row level security'

Re: Clarifying my original Q about 'Row level security'

From: Sundial Services <news-reply_at_sundialservices.com>
Date: 1998/01/25
Message-ID: <news-reply.6860.00DAD18A@sundialservices.com>#1/1

In article <34cb4de4.3042382_at_news.tele.dk> cr_at_post.dk (Christian Roig) writes:

> - Single SingOn
> - Password synchronization Oracle <> NT
> - Control access/usage of Oracle- and non-Oracle objects
> (tables, views, columns, rows, screens, functions, commands etc.)
> - logging of authorized and un-authorized access
> - and more 'security' and 'administration' help.
 

>Do you know of Any tools/software that will give me either all or parts of the
>above mentioned 'things' - Then please drop me a line or two - Thanks !

(1) In the SQL world, the way to provide row-level security, of sorts, is with triggers or by setting up a restricted view, granting authority on the table to the view but not to the users.

(2) Integration between OS-level and database-level security is often not to be found, =and= it is often not recommended! You want users to have to enter a *different* password to gain access to the database. If all the locks in the castle have the same key, then a burglar can steal from anywhere and everywhere in the house.

(3) Unfortunately, logging of unauthorized access is highly vendor-specific. Some engines will write such attempts to a log-file, generally separate from any database (i.e. not the transaction-recovery "log file"), and many engines don't even log successful attempts. This makes password-level security management all the more important.

(4) I don't believe the SQL standard talks about security-management much, if at all. I wish it did. I wish that databases were consistent on this. Received on Sun Jan 25 1998 - 00:00:00 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US