Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Securing data from Database Admin

from [Ali, Saqib] Network Security [Permanent Link]
Subject: Re: Securing data from Database Admin
Date: Thu, 27 Mar 2008 13:17:52 -0700 
How about just encrypting the fields in the database? This way the
application and application developers will have access to usable
(i.e. decrypted) data whereas the Database Administrators will only
see encrypted data but will still be able to perform their job
(backup, restore etc).

I was looking into MS SQL's built-in encryption to do something
similar to what you are trying to do. I haven't tried it yet, so I
can't give you the specifics. But I know it works, and you can control
access using AD groups.

saqib
http://doctrina.wordpress.com/


On Thu, Mar 27, 2008 at 11:40 AM, WALI <hkhasgiwale@gmail.com> wrote:

Is there a way we can secure data within (Oracle 9i) database? Supposingly
 there is an application developed by internal developers and it's backend
 database is administered by a DB Admin. There is no segregation of duties
 between development and live environments due to resource constraints.

 Is there a way data can be protected from being revealed to or being
 tempered by DB Admin? He would only be called in when there's some kind of
 malfunction that too under the watchful eyes of project team leader.

 Any thoughts to bring in preventive/detective controls over DB Admin
 activities?






-- 
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Pen tester, Kevin Ortloff
Next by Date:  RE: DoD aproved disk wiping tool, Kevin Ortloff
Previous by Thread:  Securing data from Database Admin, WALI
Next by Thread:  Re: Securing data from Database Admin, Ansgar -59cobalt- Wiechers
Indexes:  [Date] [Thread] [Top] [All Lists]