home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.databases.oracle
- Path: sparky!uunet!cs.utexas.edu!qt.cs.utexas.edu!yale.edu!jvnc.net!synapse.bms.com!watson.bms.com!sinha
- From: sinha@watson.bms.com (Anil Sinha)
- Subject: Application Security.
- Message-ID: <21JUL199215002997@watson.bms.com>
- News-Software: VAX/VMS VNEWS 1.4-b1
- Keywords: Security, Application
- Sender: news@synapse.bms.com
- Organization: X
- Date: Tue, 21 Jul 1992 20:00:00 GMT
- Lines: 28
-
- Hi Database Gurus,
-
- I would appreciate feedback as how is/was security implemented in your
- database application using Oracle 6.# and plans as to how they would do it
- in version 7. Especially taking into consideration the following
-
- a. Maximum level to which the security could be implemented so that whatever
- tools the user used to logon to the database, this minimum level of security
- would be available at the data level. Egs Using views or other means. How
- about row level security or am I just dreaming ?
-
- b. One has a situation in which the user can only modify the data using this
- application. So develop the application such that only one Oracle username
- is used to logon to database but provide within the application
- username/password implementation which looks like database username. In this
- case the user does not know the application username/password so cannot log on
- using other tools like Sql*Plus or third party tools. The draw back to such an
- implememtation is that one is reinventing the wheel to implement security level
- which may be available at the database level (egs. Roles in version 7.0 ).
-
- Or forget the overhead, its not worth it
- Or go for Trusted Oracle
-
-
- Thanks in advance.
-
- Anil Sinha
- internet: sinha@watson.bms.com
-