Oracle Database 12c Security Cookbook

Secure your Oracle Database 12c with this valuable Oracle support resource, featuring more than 100 solutions to the challenges of protecting your data

Oracle Database 12c Security Cookbook

Zoran Pavlović, Maja Veselica

1 customer reviews
Secure your Oracle Database 12c with this valuable Oracle support resource, featuring more than 100 solutions to the challenges of protecting your data
Mapt Subscription
FREE
$29.99/m after trial
eBook
$30.80
RRP $43.99
Save 29%
Print + eBook
$54.99
RRP $54.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$0.00
$30.80
$54.99
$29.99p/m after trial
RRP $43.99
RRP $54.99
Subscription
eBook
Print + eBook
Start 30 Day Trial
Subscribe and access every Packt eBook & Video.
 
  • 5,000+ eBooks & Videos
  • 50+ New titles a month
  • 1 Free eBook/Video to keep every month
Start Free Trial
 
Preview in Mapt

Book Details

ISBN 139781782172123
Paperback388 pages

Book Description

Businesses around the world are paying much greater attention toward database security than they ever have before. Not only does the current regulatory environment require tight security, particularly when dealing with sensitive and personal data, data is also arguably a company’s most valuable asset - why wouldn’t you want to protect it in a secure and reliable database? Oracle Database lets you do exactly that. It’s why it is one of the world’s leading databases – with a rich portfolio of features to protect data from contemporary vulnerabilities, it’s the go-to database for many organizations.

Oracle Database 12c Security Cookbook helps DBAs, developers, and architects to better understand database security challenges. Let it guide you through the process of implementing appropriate security mechanisms, helping you to ensure you are taking proactive steps to keep your data safe. Featuring solutions for common security problems in the new Oracle Database 12c, with this book you can be confident about securing your database from a range of different threats and problems.

Table of Contents

Chapter 1: Basic Database Security
Introduction
Creating a password profile
Creating password-authenticated users
Changing a user's password
Creating a user with the same credentials on another database
Locking a user account
Expiring a user's password
Creating and using OS-authenticated users
Creating and using proxy users
Creating and using database roles
The sysbackup privilege – how, when, and why should you use it?
The syskm privilege – how, when, and why should you use it?
The sysdg privilege – how, when, and why should you use it?
Chapter 2: Security Considerations in Multitenant Environment
Introduction
Creating a common user
Creating a local user
Creating a common role
Creating a local role
Granting privileges and roles commonly
Granting privileges and roles locally
Effects of plugging/unplugging operations on users, roles, and privileges
Chapter 3: PL/SQL Security
Introduction
Creating and using definer's rights procedures
Creating and using invoker's right procedures
Using code-based access control
Restricting access to program units by using accessible by
Chapter 4: Virtual Private Database
Introduction
Creating different policy functions
Creating Oracle Virtual Private Database row-level policies
Creating column-level policies
Creating a driving context
Creating policy groups
Setting context as a driving context
Adding policy to a group
Exempting users from VPD policies
Chapter 5: Data Redaction
Introduction
Creating a redaction policy when using full redaction
Creating a redaction policy when using partial redaction
Creating a redaction policy when using random redaction
Creating a redaction policy when using regular expression redaction
Using Oracle Enterprise Manager Cloud Control 12c to manage redaction policies
Changing the function parameters for a specified column
Add a column to the redaction policy
Enabling, disabling, and dropping redaction policy
Exempting users from data redaction policies
Chapter 6: Transparent Sensitive Data Protection
Introduction
Creating a sensitive type
Determining sensitive columns
Creating transparent sensitive data protection policy
Associating transparent sensitive data protection policy with sensitive type
Enabling, disabling, and dropping policy
Altering transparent sensitive data protection policy
Chapter 7: Privilege Analysis
Introduction
Creating database analysis policy
Creating role analysis policy
Creating context analysis policy
Creating combined analysis policy
Starting and stopping privilege analysis
Reporting on used system privileges
Reporting on used object privileges
Reporting on unused system privileges
Reporting on unused object privileges
How to revoke unused privileges
Dropping the analysis
Chapter 8: Transparent Data Encryption
Introduction
Configuring keystore location in sqlnet.ora
Creating and opening the keystore
Setting master encryption key in software keystore
Column encryption - adding new encrypted column to table
Column encryption - creating new table that has encrypted column(s)
Using salt and MAC
Column encryption - encrypting existing column
Auto-login keystore
Encrypting tablespace
Rekeying
Backup and Recovery
Chapter 9: Database Vault
Introduction
Registering Database Vault
Preventing users from exercising system privileges on schema objects
Securing roles
Preventing users from executing specific command on specific object
Creating a rule set
Creating a secure application role
Using Database Vault to implement that administrators cannot view data
Running Oracle Database Vault reports
Disabling Database Vault
Re-enabling Database Vault
Chapter 10: Unified Auditing
Introduction
Enabling Unified Auditing mode
Configuring whether loss of audit data is acceptable
Which roles do you need to have to be able to create audit policies and to view audit data?
Auditing RMAN operations
Auditing Data Pump operations
Auditing Database Vault operations
Creating audit policies to audit privileges, actions and roles under specified conditions
Enabling audit policy
Finding information about audit policies and audited data
Auditing application contexts
Purging audit trail
Disabling and dropping audit policies
Chapter 11: Additional Topics
Introduction
Exporting data using Oracle Data Pump in Oracle Database Vault environment
Creating factors in Oracle Database Vault
Using TDE in a multitenant environment
Chapter 12: Appendix – Application Contexts
Introduction
Exploring and using built-in contexts
Creating an application context
Setting application context attributes
Using an application context

What You Will Learn

  • Analyze application privileges and reduce the attack surface
  • Reduce the risk of data exposure by using Oracle Data Redaction and Virtual Private Database
  • Control data access and integrity in your organization using the appropriate database feature or option
  • Learn how to protect your databases against application bypasses
  • Audit user activity using the new auditing architecture
  • Restrict highly privileged users from accessing data
  • Encrypt data in Oracle Database
  • Work in a real-world environment where a multi-layer security strategy is applied

Authors

Table of Contents

Chapter 1: Basic Database Security
Introduction
Creating a password profile
Creating password-authenticated users
Changing a user's password
Creating a user with the same credentials on another database
Locking a user account
Expiring a user's password
Creating and using OS-authenticated users
Creating and using proxy users
Creating and using database roles
The sysbackup privilege – how, when, and why should you use it?
The syskm privilege – how, when, and why should you use it?
The sysdg privilege – how, when, and why should you use it?
Chapter 2: Security Considerations in Multitenant Environment
Introduction
Creating a common user
Creating a local user
Creating a common role
Creating a local role
Granting privileges and roles commonly
Granting privileges and roles locally
Effects of plugging/unplugging operations on users, roles, and privileges
Chapter 3: PL/SQL Security
Introduction
Creating and using definer's rights procedures
Creating and using invoker's right procedures
Using code-based access control
Restricting access to program units by using accessible by
Chapter 4: Virtual Private Database
Introduction
Creating different policy functions
Creating Oracle Virtual Private Database row-level policies
Creating column-level policies
Creating a driving context
Creating policy groups
Setting context as a driving context
Adding policy to a group
Exempting users from VPD policies
Chapter 5: Data Redaction
Introduction
Creating a redaction policy when using full redaction
Creating a redaction policy when using partial redaction
Creating a redaction policy when using random redaction
Creating a redaction policy when using regular expression redaction
Using Oracle Enterprise Manager Cloud Control 12c to manage redaction policies
Changing the function parameters for a specified column
Add a column to the redaction policy
Enabling, disabling, and dropping redaction policy
Exempting users from data redaction policies
Chapter 6: Transparent Sensitive Data Protection
Introduction
Creating a sensitive type
Determining sensitive columns
Creating transparent sensitive data protection policy
Associating transparent sensitive data protection policy with sensitive type
Enabling, disabling, and dropping policy
Altering transparent sensitive data protection policy
Chapter 7: Privilege Analysis
Introduction
Creating database analysis policy
Creating role analysis policy
Creating context analysis policy
Creating combined analysis policy
Starting and stopping privilege analysis
Reporting on used system privileges
Reporting on used object privileges
Reporting on unused system privileges
Reporting on unused object privileges
How to revoke unused privileges
Dropping the analysis
Chapter 8: Transparent Data Encryption
Introduction
Configuring keystore location in sqlnet.ora
Creating and opening the keystore
Setting master encryption key in software keystore
Column encryption - adding new encrypted column to table
Column encryption - creating new table that has encrypted column(s)
Using salt and MAC
Column encryption - encrypting existing column
Auto-login keystore
Encrypting tablespace
Rekeying
Backup and Recovery
Chapter 9: Database Vault
Introduction
Registering Database Vault
Preventing users from exercising system privileges on schema objects
Securing roles
Preventing users from executing specific command on specific object
Creating a rule set
Creating a secure application role
Using Database Vault to implement that administrators cannot view data
Running Oracle Database Vault reports
Disabling Database Vault
Re-enabling Database Vault
Chapter 10: Unified Auditing
Introduction
Enabling Unified Auditing mode
Configuring whether loss of audit data is acceptable
Which roles do you need to have to be able to create audit policies and to view audit data?
Auditing RMAN operations
Auditing Data Pump operations
Auditing Database Vault operations
Creating audit policies to audit privileges, actions and roles under specified conditions
Enabling audit policy
Finding information about audit policies and audited data
Auditing application contexts
Purging audit trail
Disabling and dropping audit policies
Chapter 11: Additional Topics
Introduction
Exporting data using Oracle Data Pump in Oracle Database Vault environment
Creating factors in Oracle Database Vault
Using TDE in a multitenant environment
Chapter 12: Appendix – Application Contexts
Introduction
Exploring and using built-in contexts
Creating an application context
Setting application context attributes
Using an application context

Book Details

ISBN 139781782172123
Paperback388 pages
Read More
From 1 reviews

Read More Reviews

Recommended for You

Oracle Database 12c Backup and Recovery Survival Guide Book Cover
Oracle Database 12c Backup and Recovery Survival Guide
$ 35.99
$ 25.20
OCA Oracle Database 11g: Database Administration I: A Real-World Certification Guide Book Cover
OCA Oracle Database 11g: Database Administration I: A Real-World Certification Guide
$ 35.99
$ 25.20
Oracle Enterprise Manager 12c Administration Cookbook Book Cover
Oracle Enterprise Manager 12c Administration Cookbook
$ 29.99
$ 21.00
Oracle Database 11gR2 Performance Tuning Cookbook Book Cover
Oracle Database 11gR2 Performance Tuning Cookbook
$ 32.99
$ 23.10
Oracle Enterprise Manager Cloud Control 12c: Managing Data Center Chaos Book Cover
Oracle Enterprise Manager Cloud Control 12c: Managing Data Center Chaos
$ 38.99
$ 27.30
Oracle Data Guard 11gR2 Administration : Beginner's Guide  Book Cover
Oracle Data Guard 11gR2 Administration : Beginner's Guide
$ 35.99
$ 25.20