- Paperback: 432 pages
- Publisher: Digital Press; 1 edition (May 2, 2005)
- Language: English
- ISBN-10: 1555583342
- ISBN-13: 978-1555583347
- Product Dimensions: 7.2 x 1 x 9.2 inches
- Shipping Weight: 1.9 pounds
- Average Customer Review: 13 customer reviews
- Amazon Best Sellers Rank: #446,657 in Books
Implementing Database Security and Auditing 1st Edition
"It's been said that everyone has their 15 minutes of fame. You certainly don't want to gain yours by allowing a security breach in your database environment or being the unfortunate victim of one. Information and Data are the currency of On Demand computing, and protecting their integrity and security has never been more important. Ron's book should be compulsory reading for managing and maintaining a secure database environment." Bob Picciano, VP Database Servers, IBM.
"Today, databases house our 'information crown jewels', but database security is one of the weakest areas of most information security programs. With this excellent book, Ben-Natan empowers you to close this database security gap and raise your database security bar!" Bruce W. Moulton. CISO/VP, Fidelity Investments (1995 - 2001)
"Let's start with a simple truth about today's world: If you have a database and you make it available to customers, employees, or whomever over a network, that database will be attacked by hackers -- probably sooner rather than later. If you are responsible for that database's security, then you need to read this book. No other single source covers all of the many disciplines and layers involved in protecting exposed databases, and it especially shines in synthesizing all of its concepts and strategies into very practical and specific checklists of things you need to do. I've been an Oracle DBA for 15 years, but I'm not embarrassed to admit that five minutes into Chapter One I was making notes on simple measures I had overlooked." -- Charles McClain, Senior Oracle DBA, North River Consulting, Inc.
"In just over 400 pages the author manages to quite thoroughly cover a wide variety of database security topics. Whether you want to learn more about encryption, authentication and password control, or access control, this book provides help." - dbazine.com, Craig Mullins
"I learned some new information that I would not have known if I hadn't been exposed to it by this book." - C.J. Kelly Computerworld
Securing application environments and databases is the major focus of information security – this book will show you how to do it.
Top customer reviews
In just over 400 pages the author manages to quite thoroughly cover a wide variety of database security topics. Whether you want to learn more about encryption, authentication and password control, or access control, this book provides help.
The book is useful for both DBAs and security administrators, giving each a better view of the world where the disciplines of database management and security management meet. Even better, the book offers many examples and guidelines for multiple environments. Whether you use DB2 on AIX, MySQL on Linux, Oracle on Unix, or SQL Server on Windows, Ben Natan's book provides useful guidance.
Are you curious to know more about SQL injection attacks? Learn what they are and why they are dangerous in this book. What about buffer overflows? Maybe you've read about them in the IT press, but those "newsy" pieces rarely delve into the depth required to understand and prevent attacks using these methods. This book offers that depth.
Chapter 7, "Using the Database to do Too Much," is particularly useful. In this chapter the author discusses some of the things not to do if you want to properly secure your database environment. You can save yourself a lot of trouble by reading and following these useful suggestions.
I think my favorite section of the book is the final three chapters. Here is where the author tackles the meaty topics of regulatory compliance and database auditing. New governmental rules and regulations are being introduced constantly and their impact on database administration is not clearly understood by many heads-down techies. This book will give you a clearer understanding of laws such as GLB, Sarbanes-Oxley, and HIPAA -- and lend guidance on how to adapt your database environment in order to comply with these laws.
All-in-all Implementing Database Security and Auditing is a useful and timely publication that most DBAs would do well to read and embrace.
If you are seeking to secure your databases AND/OR audit them, this book contains both suggestions for scripting, triggers, etc., as well as where to look for vulnerabilities.
Bravo to the author, and THANKS, I'm using it regularly, the best compliment of all.
Can be read at different levels, skipping the DBA-only sections if you are not a DBA. Or you can selectively go to specific chapters.
My favorites are the ones about encryption and auditing.
An updated edition would be good, but even so the concepts and strategies are definitely a must read for anyone involved in DB administration or in Data Security.
After reading the book I actually felt that there are so many vulnerabilities that affect every part of an IT shop that this book is a must read for developers, architects, and management as well. Often it is the way systems are architected and coded that brings out the vulnerabilities and allows would-be hackers in.
Ron really has hit a great balance between readability and information.
The book isn't just a text or reference book but also entertained me.
The book will address issues that are relevant "today" and is packed full of clear and concise methods and techniques that will be helpful in securing, monitoring, and auditing database environments. I was glad to see the author addresses the complexity of regulatory compliance and its implication on database planning, management and IT auditing.
Great read, great timing!
· Hardening Oracle environment
· Avoiding the use of mod_plsql
· Not making a database a web server and not storing HTML pages in the database
From my perspective the rules concerning Web services and cross-site scripting are the most valuable. Working on these applications I see how vulnerable a database server is due to some security holes; therefore avoiding the holes is important.