Re: Puzzle - Hiding Data of some rows in a Table

  • From: Job Miller <jobmiller@xxxxxxxxx>
  • To: stephenbooth.uk@xxxxxxxxx, VIVEK_SHARMA@xxxxxxxxxxx
  • Date: Mon, 16 Oct 2006 13:06:39 -0700 (PDT)

For #2, consider:

http://www.oracle.com/technology/deploy/security/db_security/database-vault/index.html



----- Original Message ----
From: stephen booth <stephenbooth.uk@xxxxxxxxx>
To: VIVEK_SHARMA@xxxxxxxxxxx
Cc: oracle-l@xxxxxxxxxxxxx
Sent: Monday, October 16, 2006 3:32:52 PM
Subject: Re: Puzzle - Hiding Data of some rows in a Table

On 16/10/06, VIVEK_SHARMA <VIVEK_SHARMA@xxxxxxxxxxx> wrote:
Folks
 
Puzzle 1 - For a Banking Application, for certain V.I.P. Accounts (translating 
to respective rows in a set of Tables), the general Staff should NOT be able to 
View the respective Account info. But Bank-wide summation reports fired by the 
same staff should consider the Data from the VIP Accounts too.
 
Puzzle 2 - Additionally, DBAs should also NOT be able to see the above data.

1.  Use a pair of views.  The first view (used for regular queries and possibly 
updates/inserts) has a where clause that excludes VIP rows so all the users 
will see are the rows they're allowed to see.  The second view (or views if you 
want to do different sorts of summation) doesn't have the where clause but does 
the summations so the user cannot get to the underlying data through it, they 
will only see the summarised data.  Grant the users access to the views but not 
the underlying tables.  If you want to be really paranoid then make the views 
based on functions (using the table() function) and create functions to handle 
insert/update/delete of rows (effectively doing OO style encapsulation). 

Obviously this assumes that you can write/change the app to use the views and 
functions.

2.  This tells me that you're not paying your DBAs nearly enough (if you were 
then they'd be too well paid to consider doing anything naughty with their 
access to your data) and you distrust your hiring practices (why do you 
suspect you're hiring moral degenerates), auditing (don't you know what they're 
doing) or both.  There have to be people who have ultimate access to the system 
because there are some things that need that level of access and have to be 
done.  If it's not the DBAs then it'll be the system administrators or the 
application administrators or even the person who takes the DR backup tapes to 
offsite storage. 

The only leakage of data from any organisation I've worked for was down to the 
collusion between the data centre manager and the guy who drove the van that 
carried the tapes between datacentres.

Stephen
-- 
It's better to ask a silly question than to make a silly assumption. 

http://stephensorablog.blogspot.com/

'nohup cd /; rm -rf * > /dev/null 2>&1 &' 
(There's a strong argument for the belief that running a command without first 
knowing what it does is 'Darwin in action')
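
The pair of views described in answer 1 above, written out in Oracle SQL as an added example that is not part of the original thread. The table, view, column and role names are assumptions, the sample rows are constructed, and the script is assumed to run as the schema owner of the base table.

```sql
-- Constructed schema: every table, view, column and role name is an assumption.
CREATE TABLE accounts (
  account_id  NUMBER        PRIMARY KEY,
  branch_id   NUMBER        NOT NULL,
  holder_name VARCHAR2(100) NOT NULL,
  balance     NUMBER(14,2)  NOT NULL,
  is_vip      CHAR(1)       DEFAULT 'N' NOT NULL CHECK (is_vip IN ('Y', 'N'))
);

-- View 1: row-level view for general staff; the WHERE clause hides VIP rows.
-- WITH CHECK OPTION makes Oracle reject an INSERT or UPDATE through the view
-- whose resulting row would not satisfy the WHERE clause (is_vip = 'Y').
CREATE OR REPLACE VIEW accounts_staff_v AS
  SELECT account_id, branch_id, holder_name, balance, is_vip
  FROM   accounts
  WHERE  is_vip = 'N'
  WITH CHECK OPTION;

-- View 2: summation over all rows, VIP included, exposing aggregates only.
-- Totals can be compared with the rows visible in accounts_staff_v, so keep
-- the grouping coarse enough that no group isolates a single VIP account.
CREATE OR REPLACE VIEW accounts_summary_v AS
  SELECT branch_id,
         COUNT(*)     AS account_count,
         SUM(balance) AS total_balance
  FROM   accounts
  GROUP  BY branch_id;

-- Staff get the views only; there is no grant on ACCOUNTS itself. The views
-- read the table with their owner's privileges.
CREATE ROLE bank_staff;
GRANT SELECT, INSERT, UPDATE ON accounts_staff_v   TO bank_staff;
GRANT SELECT                 ON accounts_summary_v TO bank_staff;

-- Constructed sample rows, inserted by the schema owner.
INSERT INTO accounts VALUES (1001, 10, 'Constructed Holder A', 2500.00,   'N');
INSERT INTO accounts VALUES (1002, 10, 'Constructed Holder B', 900000.00, 'Y');
INSERT INTO accounts VALUES (1003, 20, 'Constructed Holder C', 120.50,    'N');
COMMIT;

-- Run as a user holding BANK_STAFF (schema prefix omitted; assumes synonyms).
-- The first query sees non-VIP rows only; the second includes VIP balances;
-- the UPDATE is rejected by the check option.
SELECT account_id, balance FROM accounts_staff_v;
SELECT branch_id, total_balance FROM accounts_summary_v;
UPDATE accounts_staff_v SET is_vip = 'Y' WHERE account_id = 1001;
```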
