A b s t r a c t 


 
Title: DBA vs Developer: Real-World Real Application Security Implementation
Presenter: Karen Cannell
Organization: TH Technology
Copresenters:
Name Organization
Jim Czuprynski Zero Defect Computing, Inc.
 
Summary: Limiting users’ access to data is still a thorny issue in many Oracle shops: How do we ensure only the right people view - much less change! - only the data they’re allowed to, without repeating the same policies again and again? The DBA wants to lock everyone down, the Developer understands the nuances of legacy code and established, intricate user rights and privileges. We’ll show you how we - the developer and the DBA - solved those issues for a large government agency with hundreds of external users via Real Application Security (RAS), whether they’re using APEX applications or direct-access tools like SQLcl, SQL*Plus or SQL Developer.
Through our real-world experience – a complex implementation for a multi-government fisheries agency with hundreds of end users, each governed by tricky rules for their access rights, we’ll show you how to:
• Deploy RAS security policies to limit end-user access while viewing or modifying sensitive data
• Differentiate users connecting indirectly via APEX applications, or directly via SQLcl or SQL Developer
• Configure the RASADM APEX application to monitor and maintain RAS security features
Hear how the Developer and the DBA clashed, collaborated and coordinated for a successful RAS implementation.


 
Topic: Database/DBaaS Administration
Session Type: One Hour Session
Target Audience: System Administration, Security, Infrastructure
Experience Level: All
Session: 10: 02/09/2024 3:30 pm to 4:30 pm
Location: Database/DBaaS Administration
 
Biographical Sketch: Karen Cannell is CTHO of TH Technology, a US-based consulting firm focused on Oracle technologies with an APEX specialty. Karen is an Oracle ACE Director, ODTUG Director and KEO #1, APEX gal, frequent user group volunteer, long-time user group advocate and conference presenter. kcannell@thtechnology.com @thtechnology
 
 


RMOUG Training Days

Conference Administration Tool | Copyright © 2024, Prairie Systems Group, Limited
Page: DISPLAY_PRESENTER_ABSTRACT | Version 1.86