Security in a relational database management system is complex, and too few DBAs, system administrators, managers, and developers understand how Oracle implements system and database security. This book gives you the guidance you need to protect your databases. Oracle security has many facets:
- Establishing an organization's security policy and plan
- Protecting system files and passwords
- Controlling access to database objects (tables, views, rows, columns, etc.)
- Building appropriate user profiles, roles, and privileges
- Monitoring system access via audit trails
Oracle Security describes how these basic database security features are implemented and provides many practical strategies for securing Oracle systems and databases. It explains how to use the Oracle Enterprise Manager and Oracle Security Server to enhance your site's security, and it touches on such advanced security features as encryption, Trusted Oracle, and various Internet and World Wide Web protection strategies.
User review
Good Book
Good book but now sort of out of date given that Oracle is long past 8.0.4 that this book covers. No discussion concerning 8i and 9i. Needs an update - why hasn't O'Reilly done it yet?
User review
time for a re-write
This book is ok as far as it goes, but it concentrates on the traditional aspects of database security: passwords, profiles, roles and privileges etc. As organisations move into web-enabling their databases, these security techniques are shown to be inadequate.
Oracle 8i has introduced a stack of new security features, which are not covered in this book, or given a very broad coverage. Issues such as LDAP (Oracle Internet Directory), Advanced Security (the old Advanced Networking Option), schema-less logins, single sign on, preserving user identity, secure application roles and virtual private databases should be addressed to help DBAs and IT managers formulate and plan a security strategy for web-enabled/multi-tier databases.
So the book as it stands is of limited usefulness. Unfortunately, there don't seem to be any other texts out there that cover these issues at the moment.
User review
Excellent source for the responsibilities of Oracle Security
I highly recommend this book to any professional interested in implementing or improving security within their database system. Ms Theriault and Mr Heney should be commended for their comprehensive and common sense approach to Oracle Security. There has never been a research and tool for implementing Oracle Security. This book provides not only the experienced Oracle DBA with tips and reasoning for implementing a security structure within a database, but it also offers the beginner and journeyman computer specialist with the functions of security. The book touches on many topics that are essential to maintaining any computer system. It details the reasoning behind what happens when you do a certain function and you run into problems.
User review
Useless
Too vague and full of incoherent theory. This book does not give any practical advice and simply talks about some basic security techniques. Not enough technical depth for implementing any meaningful security.
User review
disappointingly vague, but at par with my expectations
A brief scan of one chapter told me all I needed to know about the authors' range and depth of knowledge. The use of views to restrict access to underlying tables was discussed without ever once stating clearly whether or not access to the underlying tables must be granted separately. The technique was also incorrectly and vaguely (but, as the authors state, "commonly") referred to as "row-level security," despite the fact that it can be used to restrict access to either columns (SELECT) or rows (WHERE) with equal facility. (A more professional term for the concept is "data-dependent" or "content-dependent" access control.) Only a few pages later, when discussing synonyms, the authors say, "...then grants access privileges to the synonym..." A synonym is a passive entity that does not enjoy privileges. Rather, privileges are granted to users and roles BY MEANS OF the synonym. There is absolutely no room for such vague, paraprofessional handwaving or such freewheelingly inaccurate use of terminology in the database security sphere.