Security :: Security For Some Columns Of Table

Nov 29, 2012

how can we mask value of some columns in table? For example: user A is supervisor, he can query salary column in employee table, but for user B, he is staff member, he can query salary column but system just shows ***** or something like that for salary value.

View 6 Replies


ADVERTISEMENT

Security :: Oracle 11G And Advanced Security / FIPS 140-2 Compliant Encrypt Data At Rest

Dec 26, 2012

Any documentation supporting Oracle 11G and Advanced Security stating encryption at rest is FIPS 140-2 compliant?

View 3 Replies View Related

Security :: Enhance Security Of Windows And Recover Lost / Forgotten Password?

Nov 16, 2010

Lost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.

1. Is random password a great password?

A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.

2. Create the long Windows password

Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).

3. Create the Windows password constantly?

This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.

4. Write down Windows password in a proper place

Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.

5. 14 characters is the optimal password length

Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.

6. Try not to use the same Windows password for all accounts

Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.

7. Do not use some common words that other users maybe guess

Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.

You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.

View 1 Replies View Related

Security :: Moving Application Security To Oracle From Sybase

Aug 18, 2010

In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:

1. How to determine 'x' days of inactivity based on "last login date"?

2. How to determine when a new user logs in for the first time and force them to change their password?

3. If we need to reset a users password, how can we require the user to change their password?

4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?

5. In the USER_USERS view there is a status column. What the different status's can be?

View 3 Replies View Related

Security :: Select Columns From View - Showing No Value?

Aug 16, 2013

I created a user and granted connect, resource to the user. but trying to select columns from the view USER_HISTORY$,it's showing no value, i tried to login the user several times, but it's displaying no value, any particular reason or any minor mistake?

View 1 Replies View Related

Security :: Tracking User Security Violations

Jul 27, 2010

Provide me the script which would track all the users security violations like ... say for example i want to find which users logged in and what he did in database prospective.

View 1 Replies View Related

Security :: Masking Options / Techniques To Mask Few Columns

Nov 26, 2012

I am looking for Masking options/techniques to mask few columns. I am aware of the option Oracle Data Masking Pack. But its costly.

View 6 Replies View Related

Security :: Restrict DML On Table?

Jul 26, 2011

I have a table which contains secret data, i want that nobody can query,insert,update or delete that table, we can do by creating a table and giving rights to specific person but problem is that our programmers can query that table while working on that database.

Is there any other event or trigger which check that if person is performing DML on secret table then an error may generate.

View 10 Replies View Related

Security :: Moving Sys Table

Dec 13, 2011

One of our auditing recommendation is to move table AUD$ to a separate tablespace from system. Why this recommendation is important and how to do this action ?

View 2 Replies View Related

Security :: Auditing At Table Level In 11g?

Apr 27, 2012

We have recently upgraded our DR environment from 9i to 11g. We have auditing turned on for 3 tables.

On 9i, AUD$ table size is 11G for 12 months and the upgraded 11g environment has 9G in 2 days....

Below is the sql statement we used to turn on auditing on these tables.

audit select,update,delete on audit_Test2 by session;

Opened SR with Oracle, but no proper response from them...

what changes we need to do in order to reduce the amount of audit data on these tables in 11g?

View 8 Replies View Related

Security :: Creating Table In Other Schema

Dec 29, 2011

I have a query ,

I need to create a structure DATABASE=>SCHEMA=>TABLE as

DB=>SC=>EMPLOYEE ...but after connecting database i could create table only user my user schema(own schema)only . I want to create a new schema called SC as public and need to create a table .

View 2 Replies View Related

Security :: Create Table Others Schema

Oct 18, 2010

how can i grant a user permission to create tables and indexes in other user schema.Grant create table permits the user to create tables in his own schema which is part of Resource role.Grant any table will permit him to create table in any schema including system which i don't want.

View 8 Replies View Related

Security :: ORA-00942 Table Or View Does Not Exists

Aug 31, 2010

I am receiving an "ORA-00942 Table or View does not exists" error message when I try to run the following SQL statement:

SELECT id_status INTO :ls_id_status
FROM USER_ADMINISTRATION
WHERERTRIM(user_id) = :as_userid;

where :as_userid is an argument passed to the SQL.

Here are some background facts in order to save time regarding actions already taken:

(1) The userid used to login successfully is the same one passed to the above SQL;

(2) I have confirmed that the table does exist - we are using it in an application;

(3) The case of the table name is upper case as seen above and is correct;

(4) The spelling of the table name is correct;

(5) The schema name was prefixed to the table and I still got the same error (not shown above);

(6) The userid that I used is assigned to a role and the role has SELECT permissions to the above table.

View 8 Replies View Related

Security :: Ensuring Read Only Access To Any Table

Jul 27, 2012

I am an auditor. I need to ensure that a perticular user at any cost should not be able to update contents of a table.

Privileges granted:

GRANT SELECT ANY TABLE TO "ABC"
GRANT ALTER SESSION TO "ABC"
GRANT CREATE SESSION TO "ABC"

Can abc modify, alter contents of a table?

View 7 Replies View Related

Security :: Encrypt Column In Table (TDE) With 160 Rows

Jun 12, 2012

I need encrypt column in the table (TDE) with 160 rows (PK) i'd like know what impact if i rn in time production this procedure. And as will be behavior the oracle database if this column is FK.

View 2 Replies View Related

Security :: How To Get The Data Access For A Temp Table

Jul 9, 2013

How to get the data access for a temp tableĀ ?

View 5 Replies View Related

Security :: Encryption Table Column Data

Jul 19, 2012

I created a test table with 4 columns(id, first_name,last_name, salary-number ) and then alter table to encrypted salary column . everything is OK.

I insert values into test table. However, I still can see salary value by select SQL.

What is wrong?

my db is oracle 11.2.01 in 2008 SP window

newdba

View 7 Replies View Related

Security :: How To Restrict Access To Table (Database Vault)

Nov 12, 2012

I configured a simple security configuration for the HR sample database schema. URL....

Now system user can't select data from table hr.employee, but HR user still can. How to restrict access to table for table owner?

View 1 Replies View Related

Security :: Find Out Locked Table And Session From Database

May 20, 2013

I used to find out locked table and session from database....query with SYS user but i want to hand over the user session kill role to location level IT person so i have created one user in database named as rab and i have given "select any table,alter session and Grant dba to that rab user,but with that user they will drop and delete any table also

col owner format a12
col object_name format a25
col ORACLE_USERNAME format a15
col OS_USER_NAME format a15
col OBJECT_TYPE format a15
set lines 140
[code]....

View 3 Replies View Related

Security :: Unable To See Data In Base Table Where Can Be Viewed In Synonym?

Sep 9, 2011

I have one schema argus_app where there is a table cfg_enterprise. There is a view v$cfg_enterprisewhich selects data from cfg_enterprise and there is apublic synonym cfg_enterprise for v$cfg_enterprise.

When I login to argus_app and select from cfg_enterprise there is no data where as i log in to sys and select I can see data.

SQL> conn /as sysdba
Connected.
SQL> select enterprise_name from cfg_enterprise;

ENTERPRISE_NAME

[code]...

what would be creating this problem.

View 5 Replies View Related

Security :: Difference Between Grant All On Any Table And Grant All On Table_name

Oct 31, 2012

I would like to know what happens when we fire:

grant all on any table to user_name;

and

grant all on table_name to user_name;

Actually I was performing "grant all on table_name to user_name;" to grant the privilege but 1 of my friends suggested "grant all on any table to user_name;"

View 5 Replies View Related

Security :: Audit Specific Statement On Specific Table By Specific User?

May 29, 2012

I'd like to know if it is possible to track DML actions issued on a specific table by a specific user, for example , i tried :

AUDIT SELECT on SCOTT.DEPT by HR by ACCESS;

I get an error, where is my syntax error ?

i want to know if it's possible to do it without trigger ?

View 7 Replies View Related

Security :: Can Only Log Onto DB Via Server

Jan 18, 2012

I've a problem in that I cannot log onto one of our schemas on one of our databases via SQL*Plus, TOAD, SQL Developer etc.. Attempting to do so yields the following error message: "ORA-01017: invalid username/password; logon denied"

However, if I try to log onto the same schema via any of the unix boxes using the sqlplus command, that works fine.

It's only this schema that is affected. For all other schemas (on that database and on others), I don't have this problem.

what the DBAs have done?

View 3 Replies View Related

Security :: Remote Connection Using SYS

Jan 8, 2013

while testing SYS remote connection in our staging server. Executing the command below is OK:

sqlplus sys/<password>@sales as sysdba

While this is mind-boggling for me...

sqlplus sys@sales as sysdba
Enter password:
ERROR:
ORA-01017: Message 1017 not found; No message file for product=RDBMS,
facility=ORA

Enter user-name:
ERROR:
Error while trying to retrieve text for error ORA-01017

I entered the correct password.I've been simulating this for a couple of times, even tried the copy-and-paste method.

View 8 Replies View Related

Security :: How To Disable Sql Login

May 28, 2012

How to disable a user's sql login? To ellaborate, I want a user to login through a certain application only with his userid on database level & not through "sqlplus username@dbname".

Is it possible? If no, then what can be done to achieve below.

I have a userid which has all the update, delete privileges on it. That id needs to be configured in the application alongwith the password. So in order to avoid misuse of that id I want to block its sql access.

I am not sure whether this can be achieved or not.

View 2 Replies View Related

Security :: Privileges For Stats

Aug 31, 2012

My tables are in ers_stg schema and code which collects state on these table are in etls_ers schema, what permission i need in order to get the stats collected from etls_srs schema. i am getting in sufficient privilege error.

View 1 Replies View Related

Security :: PL/SQL Compilation Session

Oct 18, 2010

Is there any way to identify who has compiled a specific PL / SQL stored program?

View 3 Replies View Related

Security :: Query Regarding Audit_Trail

Feb 25, 2011

I would like get select,insert,update commands in particular text file for my one of the schema. if i am enabling audit_trail=os in init.ora and issue

AUDIT SELECT TABLE, UPDATE TABLE, INSERT TABLE BY SCOTT;

Should i get above statements in text file.

Actually I would like to get all the select,insert,update statements for my particular schema. is there any way to get it from instance or log. is it possible without audit_trail?

View 23 Replies View Related

Security :: Database Hardening?

Mar 13, 2009

regarding Database Hardening, i am new to this concept

View 2 Replies View Related

Security :: See Audit Log Information?

Dec 17, 2011

i enabled auditing by setting

audit_trail=db,extended in spfile,and restart the database and after that i issued command to audit as below :
audit select on emp by access;

but how to see audit log information(ie from which table),i checked dba_audit_trail but it doesnot have any record.

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved