Title :
Database Vault: Enforcing Separation of Duties to Meet Regulatory Compliance Requirements
Author :
Fabry, Heinz-Wilhelm
Author_Institution :
ORACLE Deutschland GmbH, Dusseldorf
Abstract :
Summary form only given. Various regulatory or legal requirements - such as the payment card industry's PCI-DSS or the European Union's directive 95/46/EC on the protection of personal data - limit access to certain data to those who have a need to know. This has implications for all current database systems, as these systems are administered by database administrators who traditionally have access to all data at all times. This presentation outlines how Database Vault - a new so-called option for the Oracle database - allows for the separation of duties within a database, e.g. by separating data management from user management, by taking any critical data out of reach of the database administrator, or by tying the execution of SQL statements to flexible limitations such as the 4 eyes principle.
Keywords :
database management systems; finance; Oracle database; PCI-DSS; SQL; database vault; payment card industry; regulatory compliance requirements; Database systems; Eyes; Law; Legal factors; Marketing and sales; Protection;
Conference_Title :
Enterprise Distributed Object Computing Conference, 2008. EDOC '08. 12th International IEEE
Conference_Location :
Munich
Print_ISBN :
978-0-7695-3373-5
DOI :
10.1109/EDOC.2008.63