DG0078-ORACLE11 - Each database user, application or process should have an individually assigned account.

Information

Use of accounts shared by multiple users, applications, or processes limit the accountability for actions taken in or on the data or database. Individual accounts provide an opportunity to limit database authorizations to those required for the job function assigned to each individual account.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Create individual accounts for each user, application, or other process that requires a database connection.

Document any accounts that are shared where separation is not supported by the application or for maintenance support.

Design, develop and implement a method to log use of any account to which more than one person has access.

Restrict interactive access to shared accounts to the fewest persons possible.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-24663r1_rule, STIG-ID|DG0078-ORACLE11, Vuln-ID|V-15613

Plugin: OracleDB

Control ID: 4b00ba04856056be45d0b03e9c4854410c47d2d7314efa5e4b9a0f897093f30e