Detection of Malicious User in Oracle 10g DBMS and Cost of Elimination

One major difficulty faced by organizations is the protection of data against malicious access. Six security mechanisms, namely, authentication, authorization, access control, auditing, encryption and integrity control are available in Oracle 10g database management systems (DBMS). These are implemented for protecting data. These typical database security mechanisms are not able to detect and handle many data security attacks. This research resulted identification of a new security vulnerability in Oracle 10g database, coined with the name, 'Hidden User'. The authors propose a new mechanism for the detection of malicious transactions by the 'Hidden User' and simulate solutions.