I am an application developer who has developed a secure technology to prevent unauthorized access to a database from applications. It is specifically written in .NET as that seems to be the greatest culprit, but it also works as a software development data access layer for any object-oriented app.

Clean and simple, the full code can be scanned and understood in less than 20 minutes. Extremely fast. It FORCES best practices and will not run without good n-tier design. However, it makes that very simple and easy with no configuration and code generation for Stored Procs and classes.

Security: It will not allow SQL to the database. ALL access via stored procedures. The DBAs will like its architecture.

Also, my strong recommendation to all companies that are using this technology (in use for 10+ years in Java, VB6, and C# varieties) is that a single DBA become a public officer of the corporation. VP of Information Security or something. That DBA/VP safeguards the data (bank or Facebook, etc.).

How do I present this to Oracle or MS? Application development can be VERY simple. Self unit-tests on every run automatically. Fast as can be. In .NET lingo one might call this the System.Persistence namespace.