Subject Re: [firebird-support] Re: Firebird - no security??? Seems unbelievable....
Author Dimitry Sibiryakov
> Then log in as this user and create a role named SYSDBA, not by the CREATE ROLE command; use direct access to RDB$ROLES and an INSERT command. Name Your user as the owner of this role.
>
> Now the only user that can access the database is Your user; SYSDBA cannot connect, nor using embedded server.
>
> It's very useful to use Your own users, rather than SYSDBA, because You can fully control the access of these users to the database.

But from a security POV all this is useless as well. Yes, SYSDBA can't
access this database anymore, but it will take a couple of minutes to
find out the name of "Your user" and a minute later I will be logged in as
this user with full destructive power.
On the other hand, if I wish to destroy your data, I can save these
minutes and simply delete the database file as a whole.
As I already said - the security battle is lost as soon as the enemy has got
access to the server. There is no DBMS which can survive after that.

SY, SD.