Volume 13, Number 3
Database Private Security Jurisprudence: A Case Study using Oracle
Authors
Madhuri N. Gedam and B. B. Meshram, Mumbai University, India
Abstract
Oracle is one of the largest vendors and the best DBMS solution of Object Relational DBMS in the IT world. Oracle Database is one of the three market-leading database technologies, along with Microsoft SQL Server's Database and IBM's DB2. Hence in this paper, we have tried to answer the million-dollar question “What is user’s responsibility to harden the oracle database for its security?” This paper gives practical guidelines for hardening the oracle database, so that attacker will be prevented to get access into the database. The practical lookout for protecting TNS, Accessing Remote Server and Prevention, Accessing Files on Remote Server, Fetching Environment Variables, Privileges and Authorizations, Access Control, writing security policy, Database Encryption, Oracle Data Mask, Standard built in Auditing and Fine Grained Auditing (FGA) is illustrated with SQL syntax and executed with suitable real life examples and its output is tested and verified. This structured method acts as Data Invictus wall for the attacker and protect user’s database.
Keywords
Attacks, Authentication, Authorization, Access Control, Multilevel Security, Encryption, Audit, Data redaction , intrusion detection and Database Firewall.