Authenticate on a Separate Oracle Instance
I'm going to describe something now that reveals the extent to which we might want to pursue security. What if we segregated the application verification tasks from the actual application data? What security would that buy us? The primary benefits we will achieve are the following:
- Fewer accounts with passwords, so fewer accounts to attack
- Reduced ancillary functions (fewer optional database programs), so reduced vulnerabilities
- Ability to revoke some
PUBLICaccess to particularly revealing data dictionary views without hampering database development
- A first database hurdle for hackers to overcome before sensitive data in the second database can be pursued by attack
In this section, we will create ...