tailieunhanh - Applied Oracle Security: Developing Secure Database and Middleware Environments- P26
Applied Oracle Security: Developing Secure Database and Middleware Environments- P26:Computer security is a field of study that continues to undergo significant changes at an extremely fast pace. As a result of research combined with increases in computing capacity, computer security has reached what many consider to be “early adulthood.” From advances in encryption and encryption devices to identity management and enterprise auditing, the computer security field is as vast and complex as it is sophisticated and powerful | 224 Part II Oracle Database Vault As you can see factors can play a significant role in application logic codified in your PL SQL programs and can be integrated into row-level security mechanisms such as Oracle VPD Oracle OLS Oracle FGA and database views. The implementation of factors as PL SQL opens up these possibilities and just about any PL SQL-based database feature such as database triggers or database jobs. Identify DBV Realms and Realm Objects Based on Objects The next step in the process of designing the DBV security policy is to examine the objects in our security profile to determine where we may have sensitive information that needs to be protected. We can identify the following objects Product Costs Products Sales Organization Sales Management Package User Credentials Social Security Number Salary Commission System Security Package Products Channels Promotions Audit Trail Audit Notifications Next we can ask ourselves whether we can categorize the information by the following criteria Application and access requirements Content type This high-level usage analysis can be done using the information in Table 6-3 with requirements documents such as use case scenarios or UML sequence diagrams providing input into the analysis. Chapter 6 Applied Database Vault for Custom Applications 225 Object Content Type Application Type Access Requirement Product Costs Sales SOX compliance Sales Management Read Write Products Sales Sales Management Read Write Read in this use case Channels Sales Sales Management Read Write Read in this use case Promotions Sales Sales Management Read Write Read in this use case Sales Management Package Sales Sales Management Read Write Sales Organization Identity Management Human Resources Read User Credentials Identity Management Human Resources Read Social Security Number Identity Management PII compliance Human Resources Prevent Read Salary Identity Management privacy Human Resources Prevent Read Commission Identity Management privacy
đang nạp các trang xem trước