Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Database security

RE: Database security

From: MacGregor, Ian A. <ian_at_slac.stanford.edu>
Date: Wed, 17 Mar 2004 08:07:07 -0800
Message-ID: <26E3EC48949D134C94A1574B2C89466113A780@exchange2.slac.stanford.edu> 





The passwords could be kept in a boxed protected by lead seals and placed in  an appropriate safe.    The room with the safe  would  also be a No Lone Zone.  
 


I don't think one can trace most compromises of data to the database itself.  It gets out when its downloaded to a PC to facilitate charts and then placed on portable media. It gets out when paper reports are improperly handled.    Remember when Oracle went dumpster-diving at Microsoft headquarters?  
 
 


Ian MacGregor


Stanford Linear Accelerator Center


ian_at_slac.stanford.edu <mailto:ian_at_slac.stanford.edu> 
 






From: Boivin, Patrice J [mailto:BoivinP_at_mar.dfo-mpo.gc.ca] 
Sent: Wednesday, March 17, 2004 6:30 AM


To: 'oracle-l_at_freelists.org'


Cc: MacGregor, Ian A.


Subject: RE: Database security


Importance: Low




Er... what happens if one of the two people gets hit by a bus?
 


Just curious.
 


Patrice.



-----Original Message-----



From: Whittle Jerome Contr NCI [mailto:Jerome.Whittle_at_scott.af.mil] 
Sent: March 17, 2004 10:14 AM


To: oracle-l_at_freelists.org


Cc: ian_at_slac.stanford.edu


Subject: RE: Database security





You'd have to hire guards to shoot anyone entering the No Lone Zone solo. Reminds me of my aircraft maintenance days in the military. Of course the stakes were MUCH higher then.



Jerry Whittle



ASIFICS DBA


NCI Information Systems Inc.



jerome.whittle_at_scott.af.mil



618-622-4145



        -----Original Message-----



        From:   MacGregor, Ian A. [SMTP:ian_at_slac.stanford.edu]



        There is also the idea of two-man control.  No one is allowed sole access to the machine room.  No one knows the entire  root/admin or dba password.  I know of many places which implement two-man control for physical security, but none that have carried it to the computer security level.  It would be so burdensome.

         



        Ian MacGregor



        Stanford Linear Accelerator Center



        ian_at_slac.stanford.edu <mailto:ian_at_slac.stanford.edu <mailto:ian_at_slac.stanford.edu> >







Please see the official ORACLE-L FAQ: http://www.orafaq.com




To unsubscribe send email to:  oracle-l-request_at_freelists.org
put 'unsubscribe' in the subject line.

--
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html


-----------------------------------------------------------------



Received on Wed Mar 17 2004 - 10:05:35 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US