| OverviewThis book covers the field of Oracle security from simple to
complex. It describes basic RDBMS security features (e.g.,
passwords, profiles, roles, privileges, synonyms) and
includes many practical strategies for securing an Oracle
system, developing auditing and backup plans, and using the
Oracle Enterprise Manager and Oracle Security Server. Also
touches on advanced security features, such as encryption,
Trusted Oracle, and Internet and Web protection. Editorial Reviews| Book Description | | Security in a relational database management system is complex, and too few DBAs, system administrators, managers, and developers understand how Oracle implements system and database security. This book gives you the guidance you need to protect your databases. Oracle security has many facets: - Establishing an organization's security policy and plan
- Protecting system files and passwords
- Controlling access to database objects (tables, views, rows, columns, etc.)
- Building appropriate user profiles, roles, and privileges
- Monitoring system access via audit trails
Oracle Security describes how these basic database security features are implemented and provides many practical strategies for securing Oracle systems and databases. It explains how to use the Oracle Enterprise Manager and Oracle Security Server to enhance your site's security, and it touches on such advanced security features as encryption, Trusted Oracle, and various Internet and World Wide Web protection strategies. A table of contents follows: Preface Part I: Security in an Oracle System - Oracle and Security
- Oracle System Files
- Oracle Database Objects
- The Oracle Data Dictionary
- Default Roles and User Accounts
- Profiles, Passwords, and Synonyms
Part II: Implementing Security - Developing a Database Security Plan
- Installing and Starting Oracle
- Developing a Simple Security Application
- Developing an Audit Plan
- Developing a Sample Audit Application
- Backing Up and Recovering a Database
- Using the Oracle Enterprise Manager
- Maintaining User Accounts
Part III: Enhanced Oracle Security - Using the Oracle Security Server
- Using the Internet and the Web
- Using Extra-Cost Options
Appendix A. References |
|
Top Sellers in This Category | Browse Similar Topics | | Top Level Categories:Sub-Categories: | | | |
Reader Reviews From Amazon (Ranked by 'Helpfulness') | Average Customer Rating: |  | based on 6 reviews. |
| Good Book, 2001-05-16 | | Reviewer rating: |  |
| | Good book but now sort of out of date given that Oracle is long past 8.0.4 that this book covers. No discussion concerning 8i and 9i. Needs an update - why hasn't O'Rielly done it yet? |
| | time for a re-write, 2001-01-05 | | Reviewer rating: | |
| | This book is ok as far as it goes,but it concentrates on the traditional aspects of database security; passwords, profiles, roles and privileges etc. As organisations move into web-enabling their databases, these security techniques are shown to be inadequate. Oracle 8i has introduced a stack of new security features, which are not covered in this book, or given a very broad coverage. Issues such as LDAP(Oracle Internet Directory) Advanced Security (the old Advanced Networkiing Option) Schema-less logins, single sign on, preserving user identity, secure application roles and virtual private databases should be addressed to help DBA's and IT managers formulate and plan a security strategy for web-enabled/ multi-tier databases. So the book as it stands is of limited usefulness. Unfortunately, there doesn't seem to be any other texts out there that cover these issues at the moment. |
| | Excellent source for the repsonsibilities of Oracle Security, 1999-08-27 | | Reviewer rating: |  |
| | I highly recommend this book to any professional interested in implementing or improving security within their database system. Ms Theriault and Mr Heney should be commended for their comprehensive and common sense approach to Oracle Security. There has never been a research and tool for implementing Oracle Security. This book provides not only the experienced Oracle DBA with tips and reasoning for implementing a security structure within a database, but it also offers the beginner and journeyman computer specialist with the functions of security. The book touches on many topics that are essential to maintaining any computer system. It details the reasoning behind what happens when you do a certain function and you run into problems. |
| | Useless, 1999-07-27 | | Reviewer rating: |  |
| | Too vague and full of incoherent theory. This book does not give any practical advice and simply talks about some basic security techniques. Not enough technical depth for implementing any meaningful security. |
| | disappointingly vague, but at par with my expectations, 1999-03-12 | | Reviewer rating: |  |
| | A brief scan of one chapter told me all I needed to know about the authors' range and depth of knowledge. The use of views to restrict access to underlying tables was discussed without ever once stating clearly whether or not access to the underlying tables must be granted separately. The technique was also incorrectly and vaguely (but, as the authors state, "commonly") referred to as "row-level security," despite the fact that it can be used to restrict access to either columns (SELECT) or rows (WHERE) with equal facility. (A more professional term for the concept is "data-dependent" or "content-dependent" access control.) Only a few pages later, when discussing synonyms, the authors say, "...then grants access privileges to the synonym ..." A synonym is a passive entity that does not enjoy privileges. Rather, privileges are granted to users and roles BY MEANS OF the synonym. There is absolutely no room for such vague, paraprofessional handwaving or such freewheelingly inaccurate use of terminology in the database security sphere. |
|
Some information above was provided using data from Amazon.com. View at Amazon > |
| |
|
|
