Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Usenet -> c.d.o.server -> Re: tough choices

Re: tough choices

From: Larry <>
Date: Fri, 25 Jun 2004 08:58:30 -0400
Message-ID: <cbh7hm$qeo$>

I'd be curious as to what % of Oracle customers use each one of these. There are very few that I've heard as requirements from customers. But perhaps we are just talking differences in nomenclature and semantics from what I have heard.

Larry Edelstein

Mark Townsend wrote:
> Ian wrote:

>> Can you list the specific security features that are provided with the
>> base Oracle product that are missing from DB2 UDB for LUW?

> I'm presuming DB2 has column encryption, roles, system and object
> privileges, GRANT/DENY privileges, basic auditing etc. So I think that
> leaves
> * Enterprise Users (password authenticated, requires an LDAP directory)
> * Schema Independent Users
> * Security Policies (policies attached to tables and views that
> determine what rows can be accessed based on information known about the
> user)
> * Secure Application Contexts (the afore mentioned user information,
> which cannot be spoofed)
> * Global Application Contexts (same again, this time shared across
> multiple connections)
> * Relevant Column Enforcement (applies security policy only when query
> accesses named columns)
> * Relevant Column Masking (all rows are returned, but relevant columns
> are masked (hidden) according to security policy)
> * Partitioned Fine Grained Access Control (allows multiple security
> policies to be applied to the same table, information about the user
> determines which policy is applied)
> * Proxy Authentication - allows a user identity on a client to be
> securely proxied through a middle tier, without the need for the middle
> tier to know the users security credentials (password etc).
> * Audit Policies (similar to security polcies, in that they are specific
> to what the user trys to access, and that they fire an audit event)
> * Audit trails that include what data the user saw at the time they
> performed the operation (uses Flashback if the row has since been
> changed, deleted, etc)
> * Administrator Audit Trails - an audit trail of what the DBA did that
> the DBA etc cannot see.
> * Proxied User Audit Trails - an audit trail that shows what a client
> did via a middle tier proxy.
> Last but not least, 10 independent security certifications (over
> multiple releases).
> Note that this is just the base EE product - the Advanced Security
> Option, and Label Security, extends this list of features (and
> certifications) even further.
Received on Fri Jun 25 2004 - 07:58:30 CDT

Original text of this message