Call Us: US - +1 845 478 5244 | UK - +44 20 7193 7850 | AUS - +61 2 8005 4826

Choice of DBMS | Economic factors

A Matrix of Security Risks and Solutions

Table 1-3 relates security risks to the technologies which address them, and to the corresponding Oracle products.

Table 1-3 Matrix of Security Risks and Solutions 
ProblemSolutionSecurity TechnologyOracle Products and Features
Unauthorized usersKnow your usersAuthenticationOracle9i Standard Edition, and Oracle9i Enterprise Edition: Passwords, Password managementOracle Advanced Security: Tokens, smart cards, Kerberos, and so on.PKI: X.509 Certificates
Unauthorized access to dataLimit access to dataAccess controlOracle9i Standard EditionOracle9i Enterprise Edition: Virtual Private Database feature
Dynamic query modificationFine-grained access controlOracle9i Enterprise Edition: Virtual Private Database feature
Limit access to data rows and columnsLabel-based access controlOracle Label Security
Encrypt dataData encryptionOracle9i Standard Edition, and Oracle9i Enterprise Edition
Limit privilegesPrivilege managementOracle9i Standard Edition: Roles, PrivilegesOracle9i Enterprise Edition: Secure Application RolesOracle Advanced Security: Enterprise Roles
Eavesdropping on communicationsProtect the networkNetwork encryptionOracle Advanced Security: EncryptionSecure Sockets Layer
Corruption of dataProtect the networkData integrityOracle Advanced Security: ChecksummingPKI: Checksumming (as part of SSL)
Denial of serviceControl access to resourcesAvailabilityOracle9i Standard Edition and Oracle9i Enterprise Edition: User Profiles
Complexity to userLimit number of passwordsSingle signonOracle Advanced Security: Kerberos, DCE, Enterprise User SecurityLogin Server: Web-Based SSO
Complexity to administratorCentralize managementEnterprise user securityOracle Advanced Security: Directory IntegrationOracle Internet Directory
Lack of accountabilityMonitor users’ actionsAuditingOracle9i Standard Edition: AuditingOracle9i Enterprise Edition: Standard Auditing, Fine-Grained Auditing.
Overly broad access to dataDynamic query modificationFine-grained access controlOracle9i Enterprise Edition: Virtual Private DatabaseOracle Label Security
Too many accountsCentralize managementDirectory services, LDAP-compliant directory servicesOracle Internet Directory
Operating system break-inEncrypt sensitive dataStored data encryptionOracle9i Standard Edition and Oracle9i Enterprise Edition: Data encryption