Vaibhav Gargs wrote:I believe I couldn't make the question clearer, apologize for it. I meant the application needs to connect to the database using some credentials (URL, username, password etc.) and some other connection parameters as well, so, how can we protect this sensitive information in our application.
Ah. Tim Moores asked you if you suspected the sysadmins of malicious intent. Regrettably, such is often the case.
To minimise exposure, if you have, say, a webapp that you want to secure and it, in turn has a user database you want secured, then one of the first things I'd recommend is that you not keep both the application data and user data in the same database.
The next thing would be to create an account for the webapp which was restricted 18 ways from Sunday. That is, first, that account user should not be able to write to any tables that the webapp isn't supposed to write to or read from any tables that the webapp shouldn't be allowed to read. In addition, many DBMS's can restrict things like what network addresses can use a database account, so, for example, that userid should be valid from the production webserver machine(s), but not from any desktop machine (including the sysadmins). At some point you're pretty much going to have to have a terminus in the authentication/authorization chain. In the case of
Tomcat, that would be Context and server.xml in the TOMCAT_HOME config directory. The entire server directory subtree (in this particular case, TOMCAT_HOME) should have as few access rights as you can tolerate. Tomcat, of course, would need to be able to read and write, but depending on how things are managed, a sysadmin might be partially or totally blocked.
Then the next level of paranoia is that if you have an app for adding/modifying user accounts for the webapp in question, that app should ideally be a completely separate webapp from the main web application, and thus administer the user account database and only the user account database, with the converse being true that the actual application app would have no access to the userid/password/access rights database.
And to complete our paranoia, have all access to the server machine(s) be done using an encrypted LAN - or better yet a restricted encrypted VPN, both for shell access and database access. And firewall everything.
Nothing's unbreakable, but this will make it much harder to crack.
Again, I've use a web application as an example, but even if that's not what you're looking for, I hope it will give some ideas.