Oracle FAQ Your Portal to the Oracle Knowledge Grid

RE: OT - SarBox paranoia prevention ?

From: David Wendelken <davewendelken_at_earthlink.net>
Date: Sat, 19 Feb 2005 22:17:13 -0500
Message-ID: <002101c516fa$af708870$6401a8c0@davidwendelken>

Although I was trying to make people laugh, I was also being serious.

I understand that nuclear missile silos take 2 keys that have to be turned simultaneously by two different people (they are spaced too far apart for one person).

If they don't want to have a single dba able to install whatever they want, then they need two dbas, each with 1/2 the key (1/2 the password).

And, they have to have a way of recovering the passwords if a dba becomes "unavailable".
Either the passwords have to be in a lockbox (or two?), or 4 dbas are needed.

Any other way won't prevent unauthorized code without collusion on the part of two people.

If the auditors want that much security, and management is willing to pay for it, then that's what they have to do.

--
http://www.freelists.org/webpage/oracle-l
Received on Sat Feb 19 2005 - 22:02:49 CST
