BITP3433 Information Technology and Database Security

Assignment 2

Assuming that you are the DBA for a company and youre asked to implement a new database server using Oracle database management system. In any implementation, security needs to be a theme woven throughout the project, not an afterthought.

Design and implement role-based security and password policies base on the following requirements:

No user should have delete access to data.

Human Resource needs to be able to fully manage employee data.

Customer Service needs to be able to make changes to existing customers and view order data.

Customer account managers need to be able to fully manage customer data and orders.

Sales need to be able to view customer data and fully manage orders.

Marketing needs to be able to pull quarterly sales numbers to analyze.

Password policies must be set up based on the following best practices:

a. Minimum password length is 8 characters.

b. Account will be locked after three failed login attempts.

c. Password must be changed after first login.

d. Password expires after 30 days.