Presentation is loading. Please wait.

Presentation is loading. Please wait.

ORACLE SECURITY TIPS NZOUG’ 2010 Rotorua, NZ By: Francisco Munoz Alvarez.

Published byMelissa Patrick Modified over 9 years ago

Similar presentations

Presentation on theme: "ORACLE SECURITY TIPS NZOUG’ 2010 Rotorua, NZ By: Francisco Munoz Alvarez."— Presentation transcript:

1 ORACLE SECURITY TIPS NZOUG’ 2010 Rotorua, NZ By: Francisco Munoz Alvarez

2 ORACLE SECURITY (Based on Oracle EMEA Security Workshop) Francisco Munoz Alvarez Oracle ACE Director President CLOUG, LAOUC & NZOUG 8/9/10g/11g OCP, RAC OCE, AS OCA, E-Business OCP, SQL/PLSQL OCA, Oracle 7 OCM Oracle 7 & 11GR2 Beta Tester ITIL Certified Blog: www.oraclenz.com - Email: franciscoa@dbisonline.com – Twitter : fcomunozwww.oraclenz.comfranciscoa@dbisonline.com Blog: www.oracleenespanol.com - Comunidad Oracle: www.oraclemania.ning.comwww.oracleenespanol.comwww.oraclemania.ning.com CEO at DBIS ™ Database Integrated Solutions www.dbisonline.com www.dbis.co.nz

3 The Rule: “The most important rule with respect to data is to never put yourself into an unrecoverable situation.” The importance of this guideline cannot be stressed enough, but it does not mean that you can never use time saving or performance enhancing options.

4 Information Security Has Changed

5 Hacking Steps

6 OFFICIAL STATISTICS from Secret Service Germany

7 SOME SHORT FACTS

8 HIGH SCORE LIST

9 2007/2008 SHOPPING LIST

10 CRISIS SHOPPING LIST 2009

11 CONCLUSION

12 Some Oracle Security Tips 1) Grant privileges only to a user or application which requires the privilege to accomplish necessary work. Excessive granting of unnecessary privileges can compromise security.

13 Some Oracle Security Tips 2)No administrative functions are to be performed by an application. For example create user, delete user, grant role, grant object privileges, etc.

14 Some Oracle Security Tips 3) Privileges for schema or database owner objects should be granted via a role and not explicitly. Do not use the “ALL” option when granting object privileges, instead specify the exact privilege needed, such as select, update, insert, delete.

15 Some Oracle Security Tips 4)Password protected roles may be implemented to allow an application to control access to its data. Thereby, end users may not access the application’s data from outside the application.

16 Some Oracle Security Tips 5)Access to Administrative or System user accounts should be restricted to authorized DBAs.

17 Some Oracle Security Tips 6) Do not grant system supplied database roles. These roles may have administrative privileges and the role privileges may change with new releases of the database.

18 Some Oracle Security Tips 7) Database catalog access should be restricted. Example: Use “USER_VIEWS” instead of “DBA_VIEWS” for an Oracle database.

19 Some Oracle Security Tips 8) Privileges granted to PUBLIC are accessible to every user and should be granted only when necessary.

20 Some Oracle Security Tips 9) Any password stored by applications in the database should be encrypted.

21 Some Oracle Security Tips 10) Applications should not “DROP”, “CREATE” or “ALTER” objects within the application.

22 Some Oracle Security Tips 11) Utilize the shared database infrastructure to share cost whenever possible.

23 Some Oracle Security Tips 12) Applications should not access the database with the same security as the owner of the database objects. For example on SQL Server do not grant the “dbowner” role and on Oracle do not use the Schema userid to connect to the database. Setup another userid with the necessary privileges to run the application.

24 Some Oracle Security Tips 12) Database integrity should be enforced on the database using foreign keys not in the application code. This helps prevent code outside the application from creating orphan records and/or invalid data.

25 Some Oracle Security Tips 12) Do not hard code username and passwords in the application source code.

26 Some Oracle Security Tips 13) Ensure external users have the least privilege possible.

27 Some Oracle Security Tips 13) Ensure external users have the least privilege possible.

28 Some Oracle Security Tips 14) Ensure external users have the least privilege possible.

29 Oracle Security Solutions

30 Oracle Security Components

31 DB ENVIRONMENT

32 Security Data in Rest/Access Control

33 WHAT IS ASO?

34 What Security Problems does ASO solve?

35 ASO BENEFITS

36 TDE – Transparent Data Encryption

37

38

39 SECURING DATA IN MOTION

40 NETWORK ENCRYPTION

41 SECURING BACKUP

42 SECURING BACKUP Examples

43 DATAMASKING

44 WHAT IS DATAMASKING?

45 PREVENT MODIFICATIONS BY UNAUTHORIZED USERS

46 WHAT IS DATA VAULT?

47 DATA VAULT HELP TO SOLVE:

48 DATA VAULT Vs VPD and OLS

49 DATABASE VAULT Realms and Rule

50 DATA VAULT REPORTS

51 DATA VAULT EXAMPLES

52 HIGHLY SECURED ENVIROMENTS AUDIT VALT

53 AUDIT VAULT EXAMPLES

54 AUDIT VAULT REPORTS Who, What, When, Where

55 AUDIT VAULT DASHBOARD

56 AUDIT VAULT SUMMARY

57 PROGRAM The Oracle ACE Program is designed to recognize and reward members of the Oracle Technology and Applications communities for their contributions to those communities. These individuals are technically proficient (when applicable) and willingly share their knowledge and experiences.Oracle ACE Program The program comprises two levels: Oracle ACE and Oracle ACE Director. The former designation is Oracle's way of saying "thank you" to community contributors for their efforts; we (and the community) appreciate their enthusiasm. The latter designation is for community enthusiasts who not only share their knowledge (usually in extraordinary ways), but also want to increase their community advocacy and work more proactively with Oracle to find opportunities for the same. In this sense, Oracle ACE is "backward looking" and Oracle ACE Director is "forward looking."

58 PROGRAM

59

60

61 Questions?

62 Thank you !

Download ppt "ORACLE SECURITY TIPS NZOUG’ 2010 Rotorua, NZ By: Francisco Munoz Alvarez."

Similar presentations

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server 2008. Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),

Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
Database Vault Welcome, today I’d like to present an overview of the latest security product from Oracle – Database Vault. We announced this new product.

Database Vault Welcome, today I’d like to present an overview of the latest security product from Oracle – Database Vault. We announced this new product.
Self-Validation Tech Guide

Self-Validation Tech Guide
Understand Database Security Concepts

Understand Database Security Concepts
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle Database Vault with Oracle Database 12c Chi Ching Chui Senior Development.

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Oracle Database Vault with Oracle Database 12c Chi Ching Chui Senior Development.
Securing Oracle Databases CSS-DSG JTrumbo. Audit Recommendations -Make sure databases are current with patches. -Ensure all current default accounts &

Securing Oracle Databases CSS-DSG JTrumbo. Audit Recommendations -Make sure databases are current with patches. -Ensure all current default accounts &
Francisco Munoz Alvarez Oracle ACE Director President of NZOUG, LAOUC & CLOUG 8/9/10g/11g OCP, RAC OCE, AS OCA, E-Business OCP, SQL/PLSQL OCA, Oracle.

Francisco Munoz Alvarez Oracle ACE Director President of NZOUG, LAOUC & CLOUG 8/9/10g/11g OCP, RAC OCE, AS OCA, E-Business OCP, SQL/PLSQL OCA, Oracle.
Database Management System

Database Management System
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.
Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.

Chapter 8 Security Transparencies © Pearson Education Limited 1995, 2005.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 4 Profiles, Password Policies, Privileges, and Roles.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 4 Profiles, Password Policies, Privileges, and Roles.
Chapter 5 Database Application Security Models

Chapter 5 Database Application Security Models
ORACLE DATABASE SECURITY

ORACLE DATABASE SECURITY
Getting Started with Oracle11g Abeer bin humaid. Create database user You should create at least one database user that you will use to create database.

Getting Started with Oracle11g Abeer bin humaid. Create database user You should create at least one database user that you will use to create database.
Database Application Security Models

Database Application Security Models
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.

CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.

Similar presentations

Ads by Google