Re: Database links and security

hrm.. I dont know a lot about security but a few obvious steps to start with. (though I guess you've prol already done this) - create new users with limited access priviledges, ie if data is only going from database1 to database2 (ie read only on database 1) then this user would have read only priviledges on the tables that require reading. Similarly for write piviledges on the other side.

I use JDBC connections for most of my work, it should be a fairly easy exercise to use some encryption method to transmit data via sockets.

Might be worth taking this question to comp.lang.security or something similar.

I suspect there are several other ways of achieving this. anybody else?

Matt Houseman wrote:

> All,
>
> I'm working with two Oracle databases, each one behind a separate firewall.
> I want to create a database link between the two and was wondering what
> the security issues are since this database link will be 'in-the-clear'. My
> client has gone to extremes to secure the Solaris boxes where these
> Oracle databases reside and I don't wish to put the databases or servers
> at risk.
>
> Is the data that passes along this database link encrypted? Can an Oracle
> database be 'hacked' through this database link?
>
> TIA,
>
> Matt Houseman

--
===================================================================
Matthew Taylor    s176226_at_student.uq.edu.au
ph 3202 6927/3202 9040/0404 050703 bmatthewtaylor_at_hotmail.com
University of Queensland, St Lucia, Brisbane, Australia.
===================================================================