Effective Oracle Database 10g Security by Design

It would be easy to be secure if all the data were in one room, there were no connections to the outside world (well I guess you have to have power coming in, but that's all), and there were no people who knew the data. Unfortunately that's not the real world. Breaking the German and Japanese codes during World War II would have been meaningless if that information wasn't used to sink the submarines, divert the convoy, or... Read Full Review

This is THE book to own on Oracle 10g Security. In addition to database security, the book also does a great job explaining 10g J2EE application security and identity management. If you want to fully leverage Oracle's powerful database security features in your Oracle applications--and you should--this might be the only detailed roadmap you will find. It IS the only one I could find!

If the solution to your Oracle security problem cannot be found in David Knox's Effective Oracle Security by Design, it cannot be found anywhere. This book is invaluable for anyone needing to understand or implement security in an Oracle 10g or 9i database or middle tier. In addition to clear explanations, there are tested code examples for virtually every task. I would strongly urge anyone concerned with building secure IT... Read Full Review

Unlike most of Oracle's documentation, which requires you to go through several manuals to accomplish something, this book provides a high to mid level step by step guide for implementing defense in depth and least privilege security for Oracle 10G databases. Granted, this book doesn't go extremely deep to the point of Thomas Kyte's reference manual, but it is an easy read and has specific examples that will help you do basic... Read Full Review

When reading books that serve as Design Guides, the litmus test for it's effectives lies in the answer to the following question, - "Did this book really help me in implementing a solution?" The answer for me was a resounding "YES" especially with regards to Label Security and Proxy Authentication. David Knox does a great job of explaining database security concepts through his examples. Furthermore the passage of an identity... Read Full Review