Control access to databases
Grant privileges contains information about how the normal database-privilege mechanisms are based on the GRANT and REVOKE statements. You can sometimes use the facilities of the operating system, however, as an additional way to control access to a database.
No matter what access controls the operating system gives you, when the contents of an entire database are highly sensitive, you might not want to leave it on a public disk that is fixed to the computer. You can circumvent normal software controls when the data must be secure.
- Detach the physical medium from the computer and take it away. If the disk itself is not removable, the disk drive might be removable.
- Copy the database directory to tape and take possession of the tape.
- Use an encryption utility to copy the database files. Keep only the encrypted version.
Instead of removing the entire database directory, you can copy and then erase the files that represent individual tables. Do not overlook the fact that index files contain copies of the data from the indexed column or columns. Remove and erase the index and table files.