Re: OS authentication question

From: <phil_herring_at_yahoo.com.au>
Date: Wed, 16 Jan 2008 14:32:44 -0800 (PST)
Message-ID: <a521b0ec-a180-4b86-8964-a68da2584388@d4g2000prg.googlegroups.com>


On Jan 17, 8:23 am, GS <G..._at_GS.com> wrote:

> We've not used OS authentication here for any databases yet, so this is
> relatively new to me. To make our SOX compliance easier we are thinking
> about going to OS authentication for a lot of our apps that run on
> Oracle databases, since our network passwords are now very stringent and
> the beancounters are saying the database passwords need to meet the same
> criteria, but if the users connect with the complex OS password then we
> are ok.

You'll create a lot of security holes this way. You can close some of them by only allowing access via an app server like Citrix, and authenticating the users there. Networking rules can allow connections from just the app server(s) and whatever other PCs need access. However, this may not meet your minimum standards for security and it'll probably cost you in administration issues down the track.

  • Phil
Received on Wed Jan 16 2008 - 16:32:44 CST
