Database security technology from Oracle

CIOL Bureau
Updated On
New Update

NEW DELHI: Database giant Oracle has announced the release of Oracle Database Vault, a security product to protect and limit access to sensitive data and applications. Oracle Database Vault enforces preventive controls to help meet compliance requirements by restricting powerful users, such as database administrators (DBAs), from unauthorized access to specific information.


The increasing need to mitigate insider security threats coupled with the growing number of regulatory and privacy mandates such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act (HIPAA) etc have made protecting data against unauthorized access a top priority.

Oracle Database Vault is designed to help secure sensitive information from internal threats and to implement separation-of-duty mandates that require more than one person to complete a sensitive task. The product's flexible security controls also enable customers to implement incremental restrictions on data access even for regular users. The controls maintain high database performance without requiring changes to existing applications or administrators' routine responsibilities.

"It's critical that customers take measures to protect private and confidential information that resides in enterprise databases. Current threat levels are high, regulatory compliance is mandated in many countries, and the consequences of a significant data breach can result in substantial economic loss and damage to reputation," said Phil Schacter, vice president and group service director, Burton Group.


The product's security mechanisms are based on realms and rules that further control the scope of an authorized user's access. Realms are established to encapsulate an existing application or a set of database objects inside a protection zone while rules further restrict operations based upon business specific operational requirements using environmental or domain-specific decision factors such as database, machine, IP addresses, time-of-day and authentication modes. For example, an organization can prevent an administrator from making changes to the database while outside of the corporate intranet and after normal working hours. Rules can also be applied to all SQL commands.

"Oracle is the only company poised to deliver database security technology that customers can use to prevent unauthorized administrator access to sensitive information," said Andy Mendelsohn, senior vice president of Oracle Database Server Technologies. "With Oracle Database Vault, organizations can easily increase the security level of an existing application without changing the application and still maintain high levels of performance. This improves security throughout the enterprise and helps reduce risks posed by insider threats."

Oracle Database Vault is a component of Oracle's portfolio of security products and can be used in conjunction with other Oracle Database security technologies including Oracle Label Security, Oracle Transparent Data Encryption, Oracle Virtual Private Database and Oracle Secure Backup, for even greater levels of information assurance.

The product is expected to be available on additional platforms during the first half of fiscal year 2007. Oracle Database Vault is available starting with Oracle Database 10g Release 2; its Linux version would be available soon.