|
When I first became aware of Adrian Neagu's intent to author a book on Oracle security, I sent
him a congratulatory note. This is an important subject area, and I felt a special need to pass
on my best wishes. His first book IBM DB2 9.7 Advanced Administration Cookbook, Packt
Publishing, had a chapter devoted to database security that shared some of the knowledge
he had learned as an IBM Certified Advanced DB2 Administrator. I was excited to hear that he
was now going to put on paper some of the knowledge he has gained from real-world security
experiences as an Oracle Certified Master Database Administrator. He was going to help
educate Oracle IT professionals on techniques they could use to protect the data and server
assets placed under their stewardship.
The title he chose for his second book, Oracle 11g Anti-hacker's Cookbook, really grabbed my
attention as well. The book's title seemed to conjure up images of evildoers on the internet
placing their sights on attacking systems and attempting to steal or compromise the data they
contained. We've all heard stories about hackers that have broken into systems and stolen
our data. They've actually gotten some of my personal data by compromising the systems of a
couple of companies whose products I have purchased. The same group or others like them
may have taken some of your data as well. There are bad guys out there, and there are certainly
many that try to get into systems for amusement, malice, or profit. But hackers are not the
only ones that can harm or inappropriately access your data. I've been personally involved in
situations in which identified risks were traced back to an authorized internal user who was
doing some things he or she should not have done. Those situations could have been prevented
with some of the controls described in this book. They may not have been available then, but
they are available now in the enhanced Oracle 11g security-oriented features. |