Schema only accounts. There is no good reason for anyone to connect to an application schema as the owner. In Oracle 18c, we now have schema only accounts. Okay, I had to double check if this was available on 12c this morning. Yea’ it did not work.
Now in 18c, we have the schema only account. Now, just what
is a schema only account. It is an account that can hold database objects and
there is no password to connect to the account. Therefore, to do maintenance on
the account, you need to connect through a proxy user.
To connect to the schema only account, use <proxy user>[<schema user>]. In this case, we are already connected to sqlcl, so we’re going to use conn rlockard[test_data]@orcl. Once connected, the account is limited to the privileges to what was given to the schema only account. In this case, the schema only account is granted connect and create table. So, when we try to access sys.dba_objects, we get an ORA-00942 error.
You can maintain an application schema and nobody needs to
connect at the application owner.
#DataPrivacy, #InformationSecurity all require critical thinking. Sadly, there is not a lot of that going around these days. People are purposely sending photos to have them aged without vetting the company they are going to. We are now have #DeepFakes that use AI to blend faces into composite images and video. Just google DeepNude, that uses AI to undress photos of women. The company based in Estonia closed its doors; however, if you check the website, they are now selling their product for someone else to make money off it. I personally don’t care what country data is stored in. I care about the stewardship of the information. I care about the manipulation and misuse of your data
To quote a dear friend of mine. “free cheese is only in the
On Monday July 22 I will be speaking at IEEE International Conference on Software Quality, Reliability, and Security. https://qrs19.techconf.org/ This is going to be a two hour tutorial on designing and coding a secure database system.
I see a lot of effort put into network and end point security; however, at the same time many organizations are only giving lip service to database security. You database is the last line of defense of your organizations crown jewels. So come on out, I will help you wrap your head around database #infosec.