I am evaluating the pros and cons of having different Oracle schemas vs. separat

Question

I am evaluating the pros and cons of having different Oracle schemas vs. separate Oracle servers. Having a dedicated server for each application is really expensive and I only want to consider this if the security benefits are worth it.

One of the main sticking points is the topic of SQL injection. In case application A has an SQL injection which compromises all the data in schema A in the Oracle database, would it be possible for an attacker to access the data in schema B (in the same Oracle database) as well?

I am leaning towards the opinion that separation via schemas is enough except for the most critical of data stores. Is this the best practice and what are the main factors to consider?

Explanation / Answer

It is a common concept to create specific Database-Users for each application. These users should have the minimum privileges needed to do their job.

Lets apply this to your example:

- ApplicationA uses DataBaseUserA which has the privileges to Read/Insert/Update/Delete TableA in SchemaA.
- ApplicationB uses DataBaseUserB which has the privileges to Read TableB in SchemaB.
- Of course you also got at least one DBA account.

Now consider ApplicationB is vulnerable to SQL-injection:

- select * from SchemaA.TableA gets injected and executed by DataBaseUserB.
- The DataBase response would be ORA-00942: table or view does not exist

At most use-cases i would consider this behaviour to be secure enought. Of course a completey different DataBase-instance would add another layer of security in case of some unknown security critical issue in Oracle DB.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.