Security education Ensure that all database users understand the security and usage
policies of the IT infrastructure. Requiring that users understand and follow the security
policies emphasizes the critical nature and value of the data to the company, including
the information in the database. A well-educated user will be more likely to resist
attempts at system access from a hacker??™s social-engineering skills.
Controlled access to hardware All computer hardware that houses the database should
be located in a secure environment that is accessible only with badges or security access
codes.
Database Authentication Methods
Before the database can allow a person or application access to objects or privileges in the database,
the person or application must be authenticated; in other words, the identity of who is attempting
access to the database needs to be validated.
In this section, we??™ll give an overview of the most basic method used to allow access to the
database??”the user account, otherwise known as database authentication. In addition, we??™ll show
how to reduce the number of passwords a user needs to remember by allowing the operating system
to authenticate the user and, as a result, automatically connect the user to the database. Using 3-tier
?–
?–
?–
?–
?–
280 Oracle Database 11g DBA Handbook
authentication via an application server, network authentication, or Oracle??™s Identity Management
can reduce the number of passwords even further.
Pages:
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473