In modern database systems, one or more customers may share the various elements of hardware and software of the database system. Such a shared hardware and software approach can enable database related services to be provided at a far lower cost than if each customer had to buy hardware and software for themselves. In such a system it is highly desirable to assure that a customer's data remains secure and only visible and updatable by appropriate users in an organization.
Data security starts with physical security, including intrusion detection and physical access controls. At the network layer, industry standard network firewalls typically are used to block access to all machines within the data center except when appropriate over the HTTP protocol. Also, the network may be scanned from outside the datacenter to assure the network firewall is blocking all unauthorized access. Nonetheless, it is useful to provide additional or alternative security systems and methods as a defense against possible errors or defects in application software, system and network software, and/or system and network hardware that may cause the wrong page or data to be returned to a user.
Therefore it is desirable to provide systems and methods to assure that any error or defect in the shared hardware and software infrastructure does not cause the vital customer data to be delivered to the wrong user.