Database Vault

Contents:- Oracle Database Vault

Introduction

 è Its an add-on to Oracle Database.

 è Supported after 9i r2

 è Oracle Database Vault can prevent highly privileged users, including powerful application DBAs and others, from accessing sensitive applications and data in Oracle Database outside their unauthorized responsibilities.

 è The main goal of Oracle Database Vault is to provide separation of duty. And to provide data security.

Changes with Database Vault

 è Some initialization parameters are changed to more secure values.

 è Recycle bin feature is disabled.

 è Revoke some privileges from default roles

i.e DBA, imp_full_database, execute_catalog_role, scheduler_admin and public.

 è SYS.AUD$ table moved to system schema.

 è Sys,system and other schemas are protected as well as sensitive command i.e Alter Command.

 è Installing patches require to disable dba vault.

DBVault can be disabled with OS Access

 è On Windows: user %ORACE_HOME%\bin, delete or rename oradv[release_number].dll (example: oradv10.dll,oradv11.dll) file.

 è On Linux:- make –f $ORACLE_HOME/rdbms/lib/ins_rdbms.mk dv_off

$ORACLE_HOME/bin/relink oracle