SecurityFocus

Re: File sharing with Bittorrent: what possible security threads? Mar 26 2008 02:36PM
hibbard wapa gov (3 replies)

Securing data from Database Admin Mar 27 2008 06:40PM
WALI (hkhasgiwale gmail com) (2 replies)

Re: Securing data from Database Admin Mar 27 2008 09:34PM
postmaster (postmaster impole com)

Re: Securing data from Database Admin Mar 27 2008 08:17PM
Ali, Saqib (docbook xml gmail com) (1 replies)

How about just encrypting the fields in the database? This way the
application and application developers will have access to usable
(i.e. decrypted) data whereas the Database Administrators will only
see encrypted data but will still be able to perform their job
(backup, restore etc).

I was looking into MS SQL's built-in encryption to do something
similar to what you are trying to do. I haven't tried it yet, so I
can't give you the specifics. But I know it works, and you can control
access using AD groups.

saqib
http://doctrina.wordpress.com/

On Thu, Mar 27, 2008 at 11:40 AM, WALI <hkhasgiwale (at) gmail (dot) com [email concealed]> wrote:
> Is there a way we can secure data within (Oracle 9i) database? Supposingly
> there is an application developed by internal developers and it's backend
> database is administered by a DB Admin. There is no segregation of duties
> between development and live environments due to resource constraints.
>
> Is there a way data can be protected from being revealed to or being
> tempered by DB Admin? He would only be called in when there's some kind of
> malfunction that too under the watchful eyes of project team leader.
>
> Any thoughts to bring in preventive/detective controls over DB Admin
> activities?
>
>

--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

[ reply ]

Re: Securing data from Database Admin Mar 27 2008 10:48PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)

Re: File sharing with Bittorrent: what possible security threads? Mar 27 2008 01:39AM
Thomas Jespersen (front243 stofanet dk)

Re: File sharing with Bittorrent: what possible security threads? Mar 26 2008 03:36PM
Razi Shaban (razishaban gmail com) (1 replies)

Re: File sharing with Bittorrent: what possible security threads? Mar 26 2008 08:26PM
Simon Jolle sjolle (urandomdev gmail com) (2 replies)

Re: File sharing with Bittorrent: what possible security threads? Mar 27 2008 01:46AM
Thomas Jespersen (front243 stofanet dk) (1 replies)

Re: File sharing with Bittorrent: what possible security threads? Mar 27 2008 02:31PM
Razi Shaban (razishaban gmail com)

Re: File sharing with Bittorrent: what possible security threads? Mar 26 2008 09:37PM
Razi Shaban (razishaban gmail com) (1 replies)

Re: File sharing with Bittorrent: what possible security threads? Mar 27 2008 01:43AM
Thomas Jespersen (front243 stofanet dk)