Protecting oracle pl/sql source code from a dba user
In this paper we are presenting a new way to disable DDL statements on some specific PL/SQL procedures to a dba user in the Oracle database. Nowadays dba users have access to a lot of data and source code even if they do not have legal permissions to see or modify them. With this method we can disab...
Main Authors: | , , |
---|---|
Format: | Text |
Language: | unknown |
Published: |
arXiv
2012
|
Subjects: | |
Online Access: | https://dx.doi.org/10.48550/arxiv.1209.2794 https://arxiv.org/abs/1209.2794 |
id |
ftdatacite:10.48550/arxiv.1209.2794 |
---|---|
record_format |
openpolar |
spelling |
ftdatacite:10.48550/arxiv.1209.2794 2023-05-15T16:01:41+02:00 Protecting oracle pl/sql source code from a dba user Paci, Hakik Mece, Elinda Kajo Xhuvani, Aleksander 2012 https://dx.doi.org/10.48550/arxiv.1209.2794 https://arxiv.org/abs/1209.2794 unknown arXiv arXiv.org perpetual, non-exclusive license http://arxiv.org/licenses/nonexclusive-distrib/1.0/ Databases cs.DB FOS Computer and information sciences article-journal Article ScholarlyArticle Text 2012 ftdatacite https://doi.org/10.48550/arxiv.1209.2794 2022-04-01T13:36:27Z In this paper we are presenting a new way to disable DDL statements on some specific PL/SQL procedures to a dba user in the Oracle database. Nowadays dba users have access to a lot of data and source code even if they do not have legal permissions to see or modify them. With this method we can disable the ability to execute DDL and DML statements on some specific pl/sql procedures from every Oracle database user even if it has a dba role. Oracle gives to developer the possibility to wrap the pl/sql procedures, functions and packages but those wrapped scripts can be unwrapped by using third party tools. The scripts that we have developed analyzes all database sessions, and if they detect a DML or a DDL statement from an unauthorized user to procedure, function or package which should be protected then the execution of the statement is denied. Furthermore, these scripts do not allow a dba user to drop or disable the scripts themselves. In other words by managing sessions prior to the execution of an eventual statement from a dba user, we can prevent the execution of eventual statements which target our scripts. Text DML DataCite Metadata Store (German National Library of Science and Technology) |
institution |
Open Polar |
collection |
DataCite Metadata Store (German National Library of Science and Technology) |
op_collection_id |
ftdatacite |
language |
unknown |
topic |
Databases cs.DB FOS Computer and information sciences |
spellingShingle |
Databases cs.DB FOS Computer and information sciences Paci, Hakik Mece, Elinda Kajo Xhuvani, Aleksander Protecting oracle pl/sql source code from a dba user |
topic_facet |
Databases cs.DB FOS Computer and information sciences |
description |
In this paper we are presenting a new way to disable DDL statements on some specific PL/SQL procedures to a dba user in the Oracle database. Nowadays dba users have access to a lot of data and source code even if they do not have legal permissions to see or modify them. With this method we can disable the ability to execute DDL and DML statements on some specific pl/sql procedures from every Oracle database user even if it has a dba role. Oracle gives to developer the possibility to wrap the pl/sql procedures, functions and packages but those wrapped scripts can be unwrapped by using third party tools. The scripts that we have developed analyzes all database sessions, and if they detect a DML or a DDL statement from an unauthorized user to procedure, function or package which should be protected then the execution of the statement is denied. Furthermore, these scripts do not allow a dba user to drop or disable the scripts themselves. In other words by managing sessions prior to the execution of an eventual statement from a dba user, we can prevent the execution of eventual statements which target our scripts. |
format |
Text |
author |
Paci, Hakik Mece, Elinda Kajo Xhuvani, Aleksander |
author_facet |
Paci, Hakik Mece, Elinda Kajo Xhuvani, Aleksander |
author_sort |
Paci, Hakik |
title |
Protecting oracle pl/sql source code from a dba user |
title_short |
Protecting oracle pl/sql source code from a dba user |
title_full |
Protecting oracle pl/sql source code from a dba user |
title_fullStr |
Protecting oracle pl/sql source code from a dba user |
title_full_unstemmed |
Protecting oracle pl/sql source code from a dba user |
title_sort |
protecting oracle pl/sql source code from a dba user |
publisher |
arXiv |
publishDate |
2012 |
url |
https://dx.doi.org/10.48550/arxiv.1209.2794 https://arxiv.org/abs/1209.2794 |
genre |
DML |
genre_facet |
DML |
op_rights |
arXiv.org perpetual, non-exclusive license http://arxiv.org/licenses/nonexclusive-distrib/1.0/ |
op_doi |
https://doi.org/10.48550/arxiv.1209.2794 |
_version_ |
1766397444229169152 |