AuthorityBase is an IT knowledge base dedicated to the world of databases and RDBMS systems by David Yahalom. Here you'll find articles, tips and general knowledge about Oracle, DB2 LUW, SQL Server, MySQL and more. I hope you'll enjoy your stay.

30th
JUL

Limelight

Posted by David Yahalom under Security, Oracle


I would like to thank the several people who have emailed me about this. Pete Finnigan, who is one of the most prominent figures in the world of Oracle databases and Oracle security, has mentioned AuthorityBase on his web site!

He has a writeup mentioning the Oracle Security presentation I’ve created for my company (XpertOne1) and he seemed to like it. :)

Check it out at Pete’s site!

5th
JUN

The secure Oracle database - howto

Posted by David Yahalom under Security, Oracle


Last week I held a 45-minute presentation about Oracle-made DB security solutions at a customer convention held by Xpert-One1, the company I work for.

It was a pretty neat presentation focusing on how to achieve 360 degrees of protection for your database, how most security exploits originate from within the organization (an IDC study shows as much as 80%), and how, while network security is well understood (firewalls, VPNs, etc.), database security is almost always forsaken (not many businesses expect their DBAs to be security focused).

My presentation covers the following Oracle products and how they fit in creating a secure database:

Oracle Database Vault
Oracle Advanced Security
Oracle Transparent Table Encryption
Oracle Label Security & Oracle Virtual Private Database
Oracle Secure Backup
Oracle Grid Control

You can download my presentation here.

It’s high level, since the audience we were targeting was CTOs, IT managers and security guys, not actual DBAs.

Feel free to leave comments or contact me if you have questions or want more information.

30th
MAR

Great Oracle RLS article

Posted by David Yahalom under Security, Oracle


Yesterday I stumbled across a great article about Oracle Row Level Security (RLS) with a great and detailed beginner's tutorial.

RLS is a great way to implement application security where many users connect to the same data but should each see only the parts of it that match their role or position in the organization.

In many cases RLS is easier to implement and maintain than views, triggers or separate schemas for data access, because business rules and security implementations are done through one PL/SQL procedure per table instead of being spread throughout the application's code.

Another great benefit of RLS is tighter security than what views or triggers provide, because RLS can prevent a user from circumventing the security policy by accessing the database directly and querying the tables underlying the views.

Oracle Row Level Security: Part 1
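
To make the "one PL/SQL procedure per table" point concrete, here is a minimal policy sketch. It is an added example, not code from this post or from the linked article; the APP and SEC schemas, the ORDERS table, the ALICE user and the policy name are all made up for illustration, and the installing user is assumed to have EXECUTE on DBMS_RLS.

```sql
-- Constructed schema: APP owns the data, SEC owns the policy function.
CREATE TABLE app.orders (
  order_id   NUMBER PRIMARY KEY,
  sales_rep  VARCHAR2(30) NOT NULL,   -- database username of the owning rep
  amount     NUMBER(10,2)
);

-- Policy function: Oracle passes in the protected object's schema and name
-- and appends the returned string as a WHERE predicate to each statement.
CREATE OR REPLACE FUNCTION sec.orders_by_rep (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2
) RETURN VARCHAR2
IS
BEGIN
  -- The owning schema sees every row (maintenance, batch jobs).
  IF SYS_CONTEXT('USERENV', 'SESSION_USER') = 'APP' THEN
    RETURN NULL;                      -- NULL predicate means no filtering
  END IF;
  -- Everyone else sees only their own rows. The predicate is a constant
  -- string; no user-supplied text is concatenated into it.
  RETURN 'sales_rep = SYS_CONTEXT(''USERENV'', ''SESSION_USER'')';
END;
/

-- Attach the function to the table itself, not to a view on top of it.
BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema   => 'APP',
    object_name     => 'ORDERS',
    policy_name     => 'ORDERS_BY_REP',
    function_schema => 'SEC',
    policy_function => 'ORDERS_BY_REP',
    statement_types => 'SELECT, INSERT, UPDATE, DELETE',
    update_check    => TRUE           -- reject DML producing rows the user could not see
  );
END;
/

-- Connected as ALICE (granted SELECT on app.orders), from any client:
SELECT order_id, sales_rep, amount FROM app.orders;
-- The predicate is added by the database, so the base table is filtered
-- even when the application and its views are bypassed.
```

Sessions connected as SYS, or users granted the EXEMPT ACCESS POLICY system privilege, are not subject to the policy, so those grants are worth auditing alongside the policy itself.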
