Conducting a Security Audit of an Oracle Database
نویسنده
چکیده
Conducting a Security Audit of an Oracle Database The focus of the paper is on auditing access controls to Oracle databases. What should the auditor evaluate and test to enable him to give an informed opinion about the security of an information system based on an Oracle database? A number of issues that the auditor should evaluate are discussed in the paper, with indications of how these issues should be dealt with by the entity being audited.
منابع مشابه
Towards Side-Effects-free Database Penetration Testing
Penetration testing is one of the most traditional and widely used techniques to detect security flaws in systems by conducting simulated-attacks to the target systems. Organizations can develop a tool based on this technique to assess their own security systems or use third party softwares. However, besides its advantages in exploring real security vulnerabilities without false results, this t...
متن کاملProvably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
متن کاملActive Initiatives and ICT Innovations for the Formation of Competitive Advantage
The paper is centered on the active initiatives from the ICT (information and communication technology) field using analysis and comparison of adopted solutions in ICT products for the support of competitive advantages. Confrontation of existing options is demonstrated on a security layer of selected products. This wider analysis brings an overview via operating and database systems, BI, and CR...
متن کاملXTOLS: Cross-tier Oracle Label Security
SELINKS allows cross-tier security enforcement between the application tier and the database tier by compiling policy functions and database queries into user-defined functions (UDFs) and SQL queries. Unfortunately, this kind of enforcement is restricted to the policies written within SELINKS framework; and therefore, it does not take into account the existing policies in the database. Furtherm...
متن کاملAudit of Minimally Invasive Hysterectomy Rates: A Canadian Retrospective Cross-Sectional Database Review
Background: Minimally invasive hysterectomy is generally preferable to abdominal hysterectomy. The technicity index (TI) is the proportion of hysterectomies performed by minimally invasive surgery. Many centers globally have started to audit local TI as a quality indicator, but only a handful have published their results to help define international standards of care. <st...
متن کامل