Security Implication

Oracle 9i and SQL Server 2000 provide almost the same security features. They both provide features like user authentication, auditing, encryption techniques and grant based security.

But they have different ways to implement these security features in their databases which creates some differences in their security. Let us discuss the implications of these differences in security:

  • Creating login accounts and users in Oracle 9i and SQL Server is roughly equivalent. But SQL Server 2000 provides extra security using two modes of authentication: Windows Authentication and Mixed mode. Windows Authentication mode uses the security mechanism within the Windows NT/2000 to provide security to SQL Server 2000. So in this mode, authentication is done using Windows platform and it makes this mode platform specific.

 

  • Oracle 9i uses Oracle Advanced Security for Enterprise Edition only to provide features like data encryption, data privacy, encryption, integrity, authentication and single sign-on. This feature adds extra cost to the Enterprise Edition. But SQL Server provides all these features at much lower cost and greater ease of use.

 

  • Data encryption in Oracle 9i is done using Oracle Advanced Security feature. And in SQL Server 2000, it is done using Encrypted File System of Windows 2000. Hence, SQL Server 2000 and Windows 2000 provide better security working together. And this feature makes easier to configure security in SQL Server 2000.

 

  • SQL Server 2000 provides same security features across their all product lines i.e. across all versions of 2000. But Oracle 9i provides different security features with Oracle Advanced Security for Enterprise Edition and makes it more costly. But this difference makes a point for organizations which do not want a very secure database and can use Oracle 9i’s Standard Edition for less cost. But even then SQL Server is less costly as compared to Oracle 9i and provides almost same security features.

 

  • Oracle 9i provides very fine- grained auditing and Virtual Private Databases feature which takes security to an extra level as compared to SQL Server 2000 and hence, gives Oracle 9i an edge over SQL Server 2000.

Big Question. Which database is more secure?

Even after looking at the differences in security features of the two databases and implications of those differences, we cannot mention which database is more secure. Though Oracle 9i provides some extra security features, but the ease to implement the security features still lies with SQL Server 2000. Moreover, Oracle 9i provides Extra Security feature with Oracle Advanced Security for Enterprise Edition by incurring some extra cost for that. While SQL Server 2000 is cheap and it provides better security features when working with Windows 2000.

But we can still say SQL Server 2000 provides better security for environment which needs an easy to use and comparatively cheap database.

And oracle 9i with its extra security features is costlier and needs better expertise to make use of all the security features developed.

 

in future may be i will edit this document …….. 

THANKS……..

Advertisement

~ by sikanderjeet on May 24, 2009.

Posted in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.