Re: Security Problem
On 8 Apr 1997 18:50:11 GMT, ikang_at_gradine.cis.upenn.edu (Insoo Kang) wrote:
>We have an application that allows you to delete and update records in
>a table. The problem is that the same user can log in using sqlplus and
>delete the entire records in a table. In order to prevent this, I
>came up with the following scheme: revoke table access privilege if
>a user is connecting via sqlplus or any other applications.
>
>I can write a trigger that sends a message to a pro*c application that
>revokes table access privilege, but the problem is that v$session is a
>view not a table so I can't write a trigger based on v$session view.
>Does anybody have a suggestion how I can accomplish this whether it be
>through a trigger or some other means?
>
>--Insoo

Insoo,

We developed a product called SECURE*DB to solve this problem a couple
of ways. The first is to use password-protected Oracle7 roles to
protect the table privs and have the application use a set role XXX
identified by PASSWD. The main problem with this approach is that the
application must get the role password somehow. We developed
SECURE*DB to provide an API call to get the password from encrypted
tables.

The second approach is to use a 'shadow' id for the application that the user does not know the password for and thus can't connect to SQL*Plus etc. This approach is also supported by SECURE*DB and is useful if you can't change the application (i.e. purchased). Look at http://www.dbcorp.ab.ca/products for more info and a downloadable trial version.

Received on Thu Apr 10 1997 - 00:00:00 CDT
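
The two approaches described in the reply, sketched in plain Oracle SQL as an added example that is not part of the original thread and not SECURE*DB code. The schema, table, user and role names (`app_owner.orders`, `end_user`, `orders_rw`, `app_shadow`) and the password placeholders are assumptions.

```sql
-- Approach 1: password-protected role, granted but not enabled by default.
-- All object and account names are hypothetical; passwords are placeholders.

-- DBA: table privileges go to the role only, never directly to the user.
CREATE ROLE orders_rw IDENTIFIED BY "ROLE_PASSWORD_PLACEHOLDER";
GRANT SELECT, INSERT, UPDATE, DELETE ON app_owner.orders TO orders_rw;
GRANT orders_rw TO end_user;

-- Keep the role out of the default set, so a plain SQL*Plus login by
-- end_user starts with no privileges on the table.
ALTER USER end_user DEFAULT ROLE ALL EXCEPT orders_rw;

-- Remove leftover direct grants, if any exist (this raises ORA-01927
-- when there is nothing to revoke).
REVOKE ALL ON app_owner.orders FROM end_user;

-- Application, after connecting as end_user: enable the role with its
-- password. SET ROLE replaces the session's enabled role set, so list
-- every role the application needs in the same statement.
SET ROLE orders_rw IDENTIFIED BY "ROLE_PASSWORD_PLACEHOLDER";

-- Check from any session: the role appears here only after SET ROLE.
SELECT role FROM session_roles;

-- Check as DBA: DEFAULT_ROLE should be NO for this grant.
SELECT grantee, granted_role, default_role
  FROM dba_role_privs
 WHERE grantee = 'END_USER';

-- Approach 2: 'shadow' account known only to the application.
-- The end user keeps a login for identification but holds no privileges
-- on the table; the application opens its working connection as the
-- shadow account, whose password the user never sees.
CREATE USER app_shadow IDENTIFIED BY "SHADOW_PASSWORD_PLACEHOLDER";
GRANT CREATE SESSION TO app_shadow;
GRANT SELECT, INSERT, UPDATE, DELETE ON app_owner.orders TO app_shadow;

-- Check as DBA: only the role and the shadow account should be listed.
SELECT grantee, privilege
  FROM dba_tab_privs
 WHERE owner = 'APP_OWNER' AND table_name = 'ORDERS';
```

In both cases the control is only as strong as the secret: whatever holds the role or shadow password on the client side has to be protected, which is the retrieval problem the reply points out.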