
Oracle Privacy Security Auditing: Includes Federal Law Compliance with HIPAA, Sarbanes Oxley & The Gramm Leach Bliley Act GLB (Oracle In-Focus series) Paperback – December 1, 2003

3.4 out of 5 stars 10 customer reviews


Editorial Reviews

About the Author

Arup Nanda has been an Oracle DBA in areas such as design, modeling, performance tuning, and backup and recovery. Currently he is working on the HIPAA database design for a large U.S. national insurance company. He is a frequent speaker at Oracle-related conferences such as IOUG Live, has written several Oracle-related articles, and is on the editorial board for SELECT Journal, the publication of the International Oracle Users Group. He is the founder of Proligence, Inc., a company that provides specialized solutions on Oracle technologies such as replication, standby databases, security evaluations, and HIPAA implementations. He lives in Norwalk, Connecticut.

Donald K. Burleson is the author of 16 Oracle database books and is the editor-in-chief of Oracle Internals. He is an Oracle consultant with extensive experience designing and implementing Oracle8 databases, including systems architecture, project management, data warehouse design, implementation and tuning, tuning massively parallel Oracle databases, Oracle SQL tuning, using Oracle with SAP, and tuning very large Oracle databases. He lives in Kittrell, North Carolina.

Product Details

  • Series: Oracle In-Focus series
  • Paperback: 655 pages
  • Publisher: Rampant Techpress (December 1, 2003)
  • Language: English
  • ISBN-10: 0972751394
  • ISBN-13: 978-0972751391
  • Product Dimensions: 6 x 1.4 x 9 inches
  • Shipping Weight: 1.6 pounds
  • Average Customer Review: 3.4 out of 5 stars  See all reviews (10 customer reviews)
  • Amazon Best Sellers Rank: #2,149,414 in Books (See Top 100 in Books)

Customer Reviews

Top Customer Reviews

By A Customer on January 17, 2004
Format: Paperback
I bought this book to learn more about Virtual Private Database which I am implementing now - and it was a pleasant surprise to see that not only that but all other areas are detailed as well. The chapter on VPD goes much beyond the Oracle common references and explains concepts like application contexts, in such clarity and relative to real life examples that the chapter alone may be worth the price of the book.
Other things that make the book a must read - the material on listener security, simple firewall settings, fine grained auditing, and the 10g features. SQL Injection and Application User models described in the book were exactly what we were missing and we got it in this.
Hmmm..why the large fonts?!!
5 people found this helpful.
Format: Paperback
Agreeing with other reviewers on the astounding attention to the details, the depth of coverage, and extremely useful examples, I would like to add another perspective: this book is also an excellent read for those IT Management types who want to get familiar with the concepts but not get buried in the details. The book introduces the topics gradually, making it available for CIOs, Security Officers, IT Managers (who can stop reading before the detailed examples) and to Senior DBAs (who can but won't skip the introductory chapters because the text is so well written and so engaging). Excellent and comprehensive read for the entire spectrum of IT professionals! A must read for those in Healthcare or for any public corporation.
7 people found this helpful.
Format: Paperback
What makes a good book? Topic and coverage count less than half of it; the key is the presentation. In this book the contents have been presented in a very logical manner - you would go from simple security concepts to larger and more complex issues. The best parts are perhaps the neat summaries at the end of the chapters, a bulleted list of points covered.
The most valuable part of the book, in my opinion, is the practical advice it imparts in building an Oracle database with security in mind. Take for example the section on building a virtual private database where the database users are not relevant, such as in a web interface. The chapter explains not only how to do it, but comes complete with the code to implement in action! Just loved it!
Little snippets of information such as alter session privilege is not required for any session altering commands like sort area size, etc., are pure gems. Debunking these fallacies is nothing new in books of similar kind; but this book has more of these and also in a categorical manner which makes it easy to comprehend. Other non- or little-documented tidbits like the way a listener password is set, are also very useful.
The chapter on Oracle 10g is good; but not useful at this time. Most likely the authors wanted to bullet-proof the book for the new version of Oracle. I had downloaded the chapter from OTN earlier.
My only complaint - the book is too thick to lie flat, required for a book of this nature, i.e. reference.
2 people found this helpful.
Format: Paperback Verified Purchase
The title of this book is quite misleading. The title should stop with HIPAA. HIPAA is the sole focus; there is no mention of SO or GLB. True, the overall goals of SO and GLB are similar to those of HIPAA (control, accountability, confidentiality) but I would expect a book that has SO and GLB in the title to mention those laws and perhaps (as I was hoping) provide some specific insights. If you want to learn something about HIPAA, this is the book. If you want to learn something about SO or GLB, you have to learn it elsewhere and then apply the legalistic knowledge into this book on Oracle.

The second gripe is with the index. Personally, I don't have the time to read a book cover-to-cover. I need a competent index to be able to look up specifics. This index is woefully short (4 large type pages). Further, I sincerely believe the index is for some other version of the book or other book entirely. The page references do not match the pages. Hence index is useless.

I was in the process of returning this book (first time I would have done so) when I came over to the reviews and started reading them. My gripes are legitimate but I have decided to keep the book for its security aspects rather than its integration of HIPAA, SO or GLB requirements into Oracle security. After all, the Oracle Security Handbook (Theriault and Newman) is out of date.
8 people found this helpful.
Format: Paperback Verified Purchase
This remarkable book covers how to use Oracle 9i security and auditing facilities to achieve compliance with three major laws. While the book emphasizes HIPAA, it also addresses, either directly or indirectly, privacy security and auditing with respect to the Gramm-Leach-Bliley Act (Subtitle A: Disclosure of Nonpublic Personal Information 15 U.S.C. 6801-6810 and Subtitle B: Fraudulent Access to Financial Information 15 U.S.C. 6821-6827), HIPAA requirements for protecting data and enforcing security and privacy, and Sarbanes-Oxley Act Section 404 requirements related to integration of transactional systems, logs and auditing trails, and data security.

Structure of this book is in three sections:

Section I gives an introduction to HIPAA, Oracle security and Oracle auditing. Among the topics covered are grant, role-based, and profile-based security, as well as virtual private databases (row-level security, fine-grained access control), and application server security.

Section II goes deeper into general Oracle security, covering relational grant security as it relates specifically to HIPAA (but can be also used for Gramm-Leach-Bliley and Sarbanes-Oxley compliance because the requirements are similar regarding these mechanisms and techniques). Also covered are encryption and network security.

Section III deals with auditing using Oracle facilities, tables, DDL and DML, and covers the spectrum from grants auditing to fine-grained audits. Again, the focus is on HIPAA requirements (Chapter 11, for example, contains the following topics: Auditing select access as per the HIPAA mandated auditing of Patient Health Information, and Combining FGA and Flashback queries to answer the most important question in addition to who saw the data, what they saw.