HOWTO Secure and Audit Oracle 10g and 11g

Front Cover
CRC Press, Mar 10, 2009 - Computers - 470 pages
0 Reviews

Oracle is the number one database engine in use today. The fact that it is the choice of military organizations and agencies around the world is part of the company’s legacy and is evident in the product. Oracle has more security-related functions, products, and tools than almost any other database engine. Unfortunately, the fact that these capabilities exist does not mean that they are used correctly or even used at all. In fact, most users are familiar with less than twenty percent of the security mechanisms within Oracle.

Written by Ron Ben Natan, one of the most respected and knowledgeable database security experts in the world, HOWTO Secure and Audit Oracle 10g and 11g shows readers how to navigate the options, select the right tools and avoid common pitfalls. The text is structured as HOWTOs addressing each security function in the context of Oracle 11g and Oracle 10g. Among a long list of HOWTOs, readers will learn to:

  • Choose configuration settings that make it harder to gain unauthorized access
  • Understand when and how to encrypt data-at-rest and data-in-transit and how to implement strong authentication
  • Use and manage audit trails and advanced techniques for auditing
  • Assess risks that may exist and determine how to address them
  • Make use of advanced tools and options such as Advanced Security Options, Virtual Private Database, Audit Vault, and Database Vault

The text also provides an overview of cryptography, covering encryption and digital signatures and shows readers how Oracle Wallet Manager and orapki can be used to generate and manage certificates and other secrets. While the book’s seventeen chapters follow a logical order of implementation, each HOWTO can be referenced independently to meet a user’s immediate needs. Providing authoritative and succinct instructions highlighted by examples, this ultimate guide to security best practices for Oracle bridges the gap between those who install and configure security features and those who secure and audit them.

 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Introduction How This Book Will Help You Be Secure and Compliant
1
Hardening the Database
11
Securing the Listener
29
Account Security
53
Cryptography Oracle Wallets and Oracle PKI
73
Authentication
99
Encrypting DatainTransit
127
Encrypting DataatRest
151
FineGrained Auditing
223
Auditing BeforeAfter Values and Monitoring Selected Data
235
Oracle Audit Vault
255
Database Activity Monitoring
285
Virtual Private Database
359
Oracle Database Vault
383
Payment Card Industry PCI Data Security Standard DSS Version 11 Impact on Oracle Security Implementations
413
Using an AllinOne Solution An Example
425

Standard Auditing
187
Mandatory and Administrator Auditing
213
Back Cover
443
Copyright

Other editions - View all

Common terms and phrases

About the author (2009)

Ron Ben-Natan (Tel Aviv, Israel) is the Vice President of Product Development of RTS Software responsible for product architecture and technology direction. Previous to that he was a consultant developing Web-related and CORBA-related components with Java, JavaScript, Visual C++, ActiveX, and Orbix. Ori Sasson (Tel Avid, Israel) is the co-founder of a small software company specializing in complex, object-oriented programming applications.

Bibliographic information