Database Reference
In-Depth Information
Over Time
Figure 12-1.
Evolution of top-down to bottom-up data visibility
MAC and DAC
Underlying these data security models is the concept of mandatory and discretionary access control. A mandatory control
applies to the whole system, whereas a discretionary access control can be delegated by a user. In addition to MAC and
DAC is the concept of multi-layer security (MLS), which is applicable to an organizational data security hierarchy.
Trusted Components
Common to all preceding concepts of data security, as well as the identity management solutions that followed, is a
reliance on the underlying system as a “trusted component.” This trusted component is, as Peters (1967) originally
acknowledged, physically difficult to control and therefore data security models have largely “side-lined” the technical
problem of controlling the highest system administration privileges, while more pressing security challenges such as
keeping outsiders from penetrating the system were solved first. Cutting-edge PAC system implementations, which
are coming to market now, attempt to remove the need to trust the system account and aim to enforce control instead,
and should be regarded as a pre-requisite to Cloud Consolidation.
Oracle Access Control
So that's a summary of the theory, but how does the theory translate into Oracle specifics?
An example of mandatory access control that affects the whole system is database vault (DV), which is meant to
tame all users' access, including SYSDBA, so that the HR user can control them. One simple DV bypass method has
been the
SQL*PLUS
password command (using OCI).
sqlplus "/ as sysdba"
SQL> password hr
Changing password for hr
New password:
Retype new password:
Password changed
