Security Scope - Two Passwords Stored Everywhere

The core problem of Oracle security is that it was never designed for the purposes it is currently used for. You might not realize it, but no production database can use most of the security measures the way there were intended.
Go to page123All

History

To properly understand the security issues, it is important to understand a little bit of the history behind relational databases in general and the Oracle database in particular.
The Oracle database along with many other relational databases started in the late 70’s as a result of an IBM research project called System R. The purpose of relational databases was to allow researchers an efficient and convenient means of analyzing data. The SQL language that evolved from System R was, therefore, English like. An English like query language makes it much easier for people to interact with the database.
While the original concepts of relational databases remain at the heart of all modern database systems, the practical usage has changed significantly. Nowadays, databases are mostly used by programs called applications. Human beings rarely use the SQL language to query or modify data in a production database.
The Oracle database security model originates in those earlier times when researchers wrote queries directly to the database. A time when individuals stored data in their own accounts, and protecting data by granting users access to tables was an effective means of controlling who can see what. But that world has changed.
Today, most human interaction with the Oracle database is done through applications. If you’re using an Oracle database you have some sort of application to access it. There are many types of applications ranging from small home grown apps to vast applications like Oracle EBS, Siebel, PeopleSoft, SAP, etc. An application can run in a web server, use a thick client, be fully purchased, partially customized or completely home grown.

One Password

Applications brought on many changes, but the one we’re focusing on it that applications consolidate all the data of all their users. There are several problems this new model introduces:
  • All the data from all the users is in a single Oracle schema – that means that a single Oracle account with a single Oracle password protect all the data
  • Worse of all, data from different users is mixed into the same tables. Since Oracle doesn’t have row level security, there is no way to distinguish different user’s data
  • In most cases, the database is not even aware of the different application users – they all come in through the application account
  • In many applications, most of the users require access to most of the data
In other words, this means that the application has to enforce security, and the Oracle security model is mostly disabled. The only security that remains in Oracle is a single user and password that give complete access to all the data.

Second Password

Aside from the application account, the Oracle database also has DBA accounts and privileged accounts like SYS.
The problem in Oracle security is that DBA and privileged accounts have unrestricted access to all the data in the database.