GRMPMS
asked on
Best practice for database link
Company owns an ERP oracle database(A). Vendor have installed another product on oracle database(B).
B requires data from staging tables in A on-demand or real time. B also requires to push data into staging table frequently.
Company has got 24*7 support from Vendor. But access is given on case-to-case basis to the vendor to support this database.
What is best practice to enable data exchange? Currently, a database link from Vendor Database to company database is created? Can the vendor exploit the database link to hack into company database?
B requires data from staging tables in A on-demand or real time. B also requires to push data into staging table frequently.
Company has got 24*7 support from Vendor. But access is given on case-to-case basis to the vendor to support this database.
What is best practice to enable data exchange? Currently, a database link from Vendor Database to company database is created? Can the vendor exploit the database link to hack into company database?
ASKER
@devind- thanks for sharing the information. It was indeed informative.
Any other inputs are welcome
Any other inputs are welcome
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
devind,
Please do not just Google and post the first link you find. If you Google the title of this question the very first link is what you posted.
Please do not just Google and post the first link you find. If you Google the title of this question the very first link is what you posted.
ASKER
@sligtwv.
Thanks for the post.
From the vendor dbase(residing in our company premise and controlled by our company) the link has been created using a database user from our ERP database. The available access for this user is only 5 interface table. 4 tables to pull data into vendor database. 1 table to push data into ERP database.
Hence, I believe security is not compromised. Or am i wrong?
Thanks for the post.
From the vendor dbase(residing in our company premise and controlled by our company) the link has been created using a database user from our ERP database. The available access for this user is only 5 interface table. 4 tables to pull data into vendor database. 1 table to push data into ERP database.
Hence, I believe security is not compromised. Or am i wrong?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@sligtwv- thanks for the reply
In our case, company database 'all* objects are secured.
even the power users like senior developers has no access.
If that is the scenario, is it still possible to hack from the vendor database?
In our case, company database 'all* objects are secured.
even the power users like senior developers has no access.
If that is the scenario, is it still possible to hack from the vendor database?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@sligtwv- thanks for the reply.
It is not a trust issue. the vendor database is residing in our premises. Vendor can access it only if patches have to be applied. that too under companies supervision. In other words, it is not an 24*7 open connection for the vendor.
for this instance, I am trying to reverse the db link. ie. from our database to vendor database.
@sanjeevlabh: thanks for the reply.
the current dblink user is a highly restricted user with access to only the 5 interface tables. Nothing more.
BY my question, I wanted to know if methods exist in hacking into the destination database.
It is not a trust issue. the vendor database is residing in our premises. Vendor can access it only if patches have to be applied. that too under companies supervision. In other words, it is not an 24*7 open connection for the vendor.
for this instance, I am trying to reverse the db link. ie. from our database to vendor database.
@sanjeevlabh: thanks for the reply.
the current dblink user is a highly restricted user with access to only the 5 interface tables. Nothing more.
BY my question, I wanted to know if methods exist in hacking into the destination database.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://palisade.plynt.com/issues/2008Oct/dblinks-security/