Oracle Consulting Oracle Training Oracle Support Development
Home
Catalog
Oracle Books
SQL Server Books
IT Books
Job Interview Books
eBooks
Rampant Horse Books
911 Series
Pedagogue Books

Oracle Software
image
Write for Rampant
Publish with Rampant
Rampant News
Rampant Authors
Rampant Staff
 Phone
 800-766-1884
Oracle News
Oracle Forum
Oracle Tips
Articles by our Authors
Press Releases
SQL Server Books
image
image

Oracle 11g Books

Oracle tuning

Oracle training

Oracle support

Remote Oracle

STATSPACK Viewer

Privacy Policy

 

   
 

Oracle Tips by Burleson

Chapter 8 General Oracle Auditing

as a generic user, e.g. APPUSER. As far as the application is concerned, the user is CLARA. For the database, the user is APPUSER. Therefore all auditing records show the user as APPUSER, not CLARA, and all audit trails will be recorded as being done by APPUSER. This completely defeats the purpose of auditing and accountability.

The best option is to have separate user accounts and have them authenticated by the database. However, that is not a choice many DBAs have when they inherit applications written long ago.

Another option is to have Oracle Single Sign-On Option (SSO) where a secured application model authenticates the application user once and his identity is passed from tier to tier. This is perhaps the best practical option overall and Oracle is investing heavily in the identity management process – an area that is supposed to mushroom into big business in the next few years. However, the biggest obstacle to this is the infrastructure requirement and complexity it brings to the table. This setup requires Oracle Advance Networking Option (ANO, also known as Advanced Security Option) and may need Oracle Application Server as a middle tier. The ANO is a must have requirement and with it being an add-on option with the increased complexity of operating it, proves it to be quite a challenge.

So, we are left with the task of unearthing a middle ground to identify those application users without using the complicated and expensive ANO. In Chapter 5, we explained a detailed model of securely managing application users using a combination of application
 

The above text is an excerpt from the bestselling book: Oracle Privacy Security Auditing It's only $39.95 and has an download of working security scripts:

 

This is the only authoritative book on Oracle Security, Oracle Privacy, and Oracle Auditing written by two of the world’s leading Oracle Security experts.

This indispensable book is only $39.95 and has an download of working security scripts:

 

http://rampant-books.com/book_2003_2_audit.htm

 


Download your Oracle scripts now:

www.oracle-script.com

The definitive Oracle Script collection for every Oracle professional DBA

 

Linux Oracle commands syntax poster

ION Oracle tuning software

Oracle data dictionary reference poster



Oracle Forum

BC Oracle consulting support training

BC remote Oracle DBA   

 

   

 Copyright © 1996 -2016 by Burleson. All rights reserved.


Oracle® is the registered trademark of Oracle Corporation. SQL Server® is the registered trademark of Microsoft Corporation. 
Many of the designations used by computer vendors to distinguish their products are claimed as Trademarks