SlideShare ist ein Scribd-Unternehmen logo

Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Some easyways to make your DB more secure.pdf

I
InSync2011
TechnologieBusiness
1 von 78
Downloaden Sie, um offline zu lesen
ORACLE  SECURITY       Francisco  Munoz  Alvarez       Oracle  ACE  Director   President  CLOUG,  LAOUC  &  NZOUG   8/9/10g/11g  OCP,  RAC  OCE,  AS  OCA,  E-­‐Business  OCP,  SQL/PLSQL  OCA,  Oracle  7  OCM   Oracle  7  &  11GR2  Beta  Tester   ITIL  CerKfied   2010  Oracle  Ace  Director  of  the  year  by  Oracle  Magazine     Blog:  www.oraclenz.com        -­‐    Email:  mbatec@hotmail.com    –  TwiXer  :  fcomunoz   Blog:  www.oracleenespanol.com    -­‐  Comunidad  Oracle:    www.oraclemania.ning.com       Oracle  Professional  Services  Manager   Revera     www.revera.co.nz      
ORACLE  SECURITY  TIPS           Insync 2011 Sydney, Australia           By:   Francisco  Munoz  Alvarez    
Mature   Born  here   Grow  up   Got  Married  Here   Now  Living  here   here   here   DBIS - Copyright 2010 3
The  Rule:       “The  most  important  rule  with  respect  to  data  is   to   never   put   yourself   into   an   unrecoverable   situaKon.”       The  importance  of  this  guideline  cannot  be     stressed  enough,  but  it  does  not  mean  that   you   can   never   use   time   saving   or   performance  enhancing  options.    
Always Try it Before!   When  it  comes  to  theory,  “NEVER”  believe  anything  you  hear   or  read  unKl  you  have  tried  it  yourself.       5
6
Backup, Backup & Backup Why?  Because  bad  stuff   happens…     7
InformaBon  Security  Has  Changed  
Hacking  Steps      
OFFICIAL  STATISTICS   from  Secret  Service  Germany  
SOME  SHORT  FACTS  
HIGH  SCORE  LIST  
2007/2008  SHOPPING  LIST  
CRISIS  SHOPPING  LIST  2009  
CONCLUSION  
Oracle  Security  SoluBons  
Oracle  Security  SoluBons  
Oracle  Security  Components  
DB  ENVIRONMENT  
Security  Data  in  Rest/Access  Control  
WHAT  IS  ASO?  
What  Security  Problems  does  ASO   solve?  
ASO  BENEFITS  
TDE  –  Transparent  Data  EncrypBon  
TDE  –  Transparent  Data  EncrypBon  
TDE  –  Transparent  Data  EncrypBon  
SECURING  DATA  IN  MOTION  
NETWORK  ENCRYPTION  
SECURING  BACKUP  
SECURING  BACKUP   Examples  
DATAMASKING  
WHAT  IS  DATAMASKING?  
PREVENT  MODIFICATIONS  BY   UNAUTHORIZED  USERS  
WHAT  IS  DATA  VAULT?  
DATA  VAULT  HELP  TO  SOLVE:  
DATA  VAULT  Vs   VPD  and  OLS  
DATABASE  VAULT  Realms  and  Rule  
DATA  VAULT  REPORTS  
DATA  VAULT  EXAMPLES  
HIGHLY  SECURED  ENVIROMENTS   AUDIT  VALT  
AUDIT  VAULT  EXAMPLES  
AUDIT  VAULT  REPORTS   Who,  What,  When,  Where    
AUDIT  VAULT  DASHBOARD  
AUDIT  VAULT  SUMMARY  
26  Security  Tips  
Some  Oracle  Security  Tips   1)  Grant  privileges  only  to  a  user  or  applicaKon   which   requires   the   privilege   to   accomplish   necessary   work.   Excessive   granKng   of   unnecessary   privileges   can   compromise   security.    
Some  Oracle  Security  Tips   2)No   administraKve   funcKons   are   to   be   performed   by   an   applicaKon.     For   example   create   user,   delete   user,   grant   role,   grant   object  privileges,  etc.      
Some  Oracle  Security  Tips   3)   Privileges   for   schema   or   database   owner   objects   should   be   granted   via   a   role   and   not   explicitly.    Do  not  use  the  “ALL”  opKon  when   granKng   object   privileges,   instead   specify   the   exact  privilege  needed,  such  as  select,  update,   insert,  delete.      
Some  Oracle  Security  Tips   4 ) P a s s w o r d   p r o t e c t e d   r o l e s   m a y   b e   implemented   to   allow   an   applicaKon   to   control  access  to  its  data.    Thereby,  end  users   may   not   access   the   applicaKon’s   data   from   outside  the  applicaKon.      
Some  Oracle  Security  Tips   5)Access   to   AdministraKve   or   System   user   accounts   should   be   restricted   to   authorized   DBAs.        
Some  Oracle  Security  Tips   6)  Do  not  grant  system  supplied  database  roles.   These  roles  may  have  administraKve  privileges   and   the   role   privileges   may   change   with   new   releases  of  the  database.          
Some  Oracle  Security  Tips   7)  Database  catalog  access  should  be  restricted.     Example:   Use   “USER_VIEWS”   instead   of   “DBA_VIEWS”  for  an  Oracle  database.            
Some  Oracle  Security  Tips   8)  Privileges  granted  to  PUBLIC  are  accessible  to   every   user   and   should   be   granted   only   when   necessary.        
Some  Oracle  Security  Tips   9)   Any   password   stored   by   applicaKons   in   the   database  should  be  encrypted.          
Some  Oracle  Security  Tips   10)   ApplicaKons   should   not   “DROP”,   “CREATE”   or  “ALTER”  objects  within  the  applicaKon.          
Some  Oracle  Security  Tips   11)  UKlize  the  shared  database  infrastructure  to   share  cost  whenever  possible.            
Some  Oracle  Security  Tips   12)  ApplicaKons  should  not  access  the  database   with   the   same   security   as   the   owner   of   the   database   objects.   For   example   on   SQL   Server   do   not   grant   the   “dbowner”   role   and   on   Oracle   do   not   use   the   Schema   userid   to   connect  to  the  database.  Setup  another  userid   with   the   necessary   privileges   to   run   the   applicaKon.    
Some  Oracle  Security  Tips   13)   Database   integrity   should   be   enforced   on   the   database   using   foreign   keys   not   in   the   applicaKon   code.   This   helps   prevent   code   outside   the   applicaKon   from   creaKng   orphan   records  and/or  invalid  data.        
Some  Oracle  Security  Tips   14)   Do   not   hard   code   username   and   passwords   in   the   applicaKon  source  code.     •  Sqlplus  /nolog  @myscript   –  Create  a  password  file  (.password)    fmunoz      evelyn    scoX    Kger   –  Create  a  shell  script  getpwd.sh    fgrep  $1  $HOME/tools/.password  |  cut  –d  “  “  –f2   –  Use  the  script  and  the  password  file   Getpwd.sh  fmunoz  |  sqlplus  –s  fmunoz  @script   •  RMAN    rman  target  /    connect  catalog  user/pwd@catdb        
Some  Oracle  Security  Tips   15)  Protect  your  Listener  (Cont.):   –  LSNRCTL>  Set  Current  Listener  <ip_address>   –  LSNRCTL>  Set  rawmode  on   –  LSNRCTL>  Services   –  LSNRCTL>  Stop   –  LSNRCTL>  Set  startup_waitme  20   –  LSNRCTL>  Set  logfile  redo01a   –  LSNRCTL>  Set  log_directory  ‘/u01/app/oracle/redo’  
Some  Oracle  Security  Tips   15)  Protect  your  Listener:   –   Disable  online  modificaKons   •  LSNRCTL>  Admin_restricKons  _<listener_name>=ON   •  LSNRCTL>  Change_password   •  LSNRCTL>  Save_config        
Some  Oracle  Security  Tips   16)   Ensure   external   users   have   the   least   privilege  possible.              
Some  Oracle  Security  Tips   17)   Have   a   clear   and   well   documented   Backup   and  Recovery  Strategy              
Some  Oracle  Security  Tips   18)   Implement   an   strong   password   policy   (user   profile)   and   force   all   users   to   change   their   passwords  constantly  .            
Some  Oracle  Security  Tips   19)  All  important  passwords  need  to  be  saved  in   a  safe  and  replaced  when  changed.              
Some  Oracle  Security  Tips   20)  Install  only  what’s  really  required.              
Some  Oracle  Security  Tips   21)   Implement   Audit,   soon   or   later   you   will   be   ask   to   tell   who   changed   that.   Please,   implement  a  purge  strategy.            
Some  Oracle  Security  Tips   22)   Create   promoKon   procedures   (DEV-­‐>TEST-­‐ >PROD),   lock   your   producKon   environment   and   test   environment.   Don’t   forget   to   implement  and  document  a  change  register.          
Some  Oracle  Security  Tips   23)  Implement  an  Indirect  Login  Policy   –  Each  user  have  their  own  login  account   –  Allow   connecKons   to   oracle   account   (OS)   only   thru  sudo   –  This  will  leaves  an  audit  trail  of  acKons        
Some  Oracle  Security  Tips   24)  Prevent  SYSDBA  connecKon   –  Sqlplus  /  as  sysdba   •  Change  SQLNET.ORA  SQLNET.AUTHENTICATION_SERVICES=(NONE)            
Some  Oracle  Security  Tips   25)  Avoid  Risk  ConnecKons  (Ext.  Procedures)   –  Listener.ora   •  (ADDRESS_LIST  =    (ADDRESS  =  (PROTOCOL  =  IPC)                                                (KEY    =    EXTPROC))     Remove  this  lines,  or  move  to  a  different  listener        
Some  Oracle  Security  Tips   26)  Enable  Data  DicKonary  ProtecKon     Oracle  Recommends  that  customers  implement  data  dicKonary  protecKon  to  prevent   users  who  have  the  “ANY”  system  privileges  to  modify  or  harm  the  Oracle  data  dicKonary.     Set  07_DICTIONARY_ACCESSIBILITY  parameter  to  FALSE.        
         PROGRAM   The Oracle ACE Program is designed to recognize and reward members of the Oracle Technology and Applications communities for their contributions to those communities. These individuals are technically proficient (when applicable) and willingly share their knowledge and experiences. The program comprises two levels: Oracle ACE and Oracle ACE Director. The former designation is Oracle's way of saying "thank you" to community contributors for their efforts; we (and the community) appreciate their enthusiasm. The latter designation is for community enthusiasts who not only share their knowledge (usually in extraordinary ways), but also want to increase their community advocacy and work more proactively with Oracle to find opportunities for the same. In this sense, Oracle ACE is "backward looking" and Oracle ACE Director is "forward looking."
         PROGRAM  
         PROGRAM  
         PROGRAM  
  QuesBons?    
  Thank  you  !    

Empfohlen

Top 13 best security practices
Top 13 best security practicesTop 13 best security practices
Top 13 best security practicesRadu Vunvulea
 
Java EE Next
Java EE NextJava EE Next
Java EE NextDavid Delabassee
 
Full Ast Presentation Nov 09
Full Ast Presentation Nov 09Full Ast Presentation Nov 09
Full Ast Presentation Nov 09davidpslow
 
IE Exploit Protection
IE Exploit ProtectionIE Exploit Protection
IE Exploit ProtectionKim Jensen
 
Secure Cloud Computing for the Health Enterprise
Secure Cloud Computing for the Health EnterpriseSecure Cloud Computing for the Health Enterprise
Secure Cloud Computing for the Health EnterpriseJoel Amoussou
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...InSync2011
 
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...InSync2011
 

Empfohlen

Top 13 best security practices
Top 13 best security practicesTop 13 best security practices
Top 13 best security practicesRadu Vunvulea
 
Java EE Next
Java EE NextJava EE Next
Java EE NextDavid Delabassee
 
Full Ast Presentation Nov 09
Full Ast Presentation Nov 09Full Ast Presentation Nov 09
Full Ast Presentation Nov 09davidpslow
 
IE Exploit Protection
IE Exploit ProtectionIE Exploit Protection
IE Exploit ProtectionKim Jensen
 
Secure Cloud Computing for the Health Enterprise
Secure Cloud Computing for the Health EnterpriseSecure Cloud Computing for the Health Enterprise
Secure Cloud Computing for the Health EnterpriseJoel Amoussou
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...InSync2011
 
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...InSync2011
 
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...InSync2011
 
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...InSync2011
 
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...InSync2011
 
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...InSync2011
 
Oracle Data Redaction - EOUC
Oracle Data Redaction - EOUCOracle Data Redaction - EOUC
Oracle Data Redaction - EOUCAlex Zaballa
 
Oracle Database 12c - Novas Características para DBAs e Desenvolvedores
Oracle Database 12c - Novas Características para DBAs e DesenvolvedoresOracle Database 12c - Novas Características para DBAs e Desenvolvedores
Oracle Database 12c - Novas Características para DBAs e DesenvolvedoresAlex Zaballa
 
Part17 radio button using vb.net 2012
Part17 radio button using vb.net 2012Part17 radio button using vb.net 2012
Part17 radio button using vb.net 2012Girija Muscut
 
Part 9 report using vb.net
Part 9 report using vb.netPart 9 report using vb.net
Part 9 report using vb.netGirija Muscut
 
Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015 Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015 Alex Zaballa
 
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should Know
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should KnowDBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should Know
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should KnowAlex Zaballa
 
Thirupavai
ThirupavaiThirupavai
ThirupavaiGirija Muscut
 
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...Alex Zaballa
 
Oracle Database 12.1.0.2 New Features
Oracle Database 12.1.0.2 New FeaturesOracle Database 12.1.0.2 New Features
Oracle Database 12.1.0.2 New FeaturesAlex Zaballa
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data RedactionAlex Zaballa
 
Create lable security
Create lable security Create lable security
Create lable security Girija Muscut
 
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014Alex Zaballa
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data RedactionAlex Zaballa
 
Migrate 10TB to Exadata -- Tips and Tricks
Migrate 10TB to Exadata -- Tips and TricksMigrate 10TB to Exadata -- Tips and Tricks
Migrate 10TB to Exadata -- Tips and TricksAmin Adatia
 
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015Alex Zaballa
 
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)Ramesh Nagappan
 
Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Connor McDonald
 

Weitere ähnliche Inhalte

Andere mochten auch

Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...InSync2011
 
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...InSync2011
 
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...InSync2011
 
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...InSync2011
 
Oracle Data Redaction - EOUC
Oracle Data Redaction - EOUCOracle Data Redaction - EOUC
Oracle Data Redaction - EOUCAlex Zaballa
 
Oracle Database 12c - Novas Características para DBAs e Desenvolvedores
Oracle Database 12c - Novas Características para DBAs e DesenvolvedoresOracle Database 12c - Novas Características para DBAs e Desenvolvedores
Oracle Database 12c - Novas Características para DBAs e DesenvolvedoresAlex Zaballa
 
Part17 radio button using vb.net 2012
Part17 radio button using vb.net 2012Part17 radio button using vb.net 2012
Part17 radio button using vb.net 2012Girija Muscut
 
Part 9 report using vb.net
Part 9 report using vb.netPart 9 report using vb.net
Part 9 report using vb.netGirija Muscut
 
Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015 Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015 Alex Zaballa
 
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should Know
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should KnowDBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should Know
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should KnowAlex Zaballa
 
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...Alex Zaballa
 
Oracle Database 12.1.0.2 New Features
Oracle Database 12.1.0.2 New FeaturesOracle Database 12.1.0.2 New Features
Oracle Database 12.1.0.2 New FeaturesAlex Zaballa
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data RedactionAlex Zaballa
 
Create lable security
Create lable security Create lable security
Create lable security Girija Muscut
 
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014Alex Zaballa
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data RedactionAlex Zaballa
 
Migrate 10TB to Exadata -- Tips and Tricks
Migrate 10TB to Exadata -- Tips and TricksMigrate 10TB to Exadata -- Tips and Tricks
Migrate 10TB to Exadata -- Tips and TricksAmin Adatia
 
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015Alex Zaballa
 

Andere mochten auch (20)

Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
 
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
 
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
 
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
 
Oracle Data Redaction - EOUC
Oracle Data Redaction - EOUCOracle Data Redaction - EOUC
Oracle Data Redaction - EOUC
 
Oracle Database 12c - Novas Características para DBAs e Desenvolvedores
Oracle Database 12c - Novas Características para DBAs e DesenvolvedoresOracle Database 12c - Novas Características para DBAs e Desenvolvedores
Oracle Database 12c - Novas Características para DBAs e Desenvolvedores
 
Part17 radio button using vb.net 2012
Part17 radio button using vb.net 2012Part17 radio button using vb.net 2012
Part17 radio button using vb.net 2012
 
Part 9 report using vb.net
Part 9 report using vb.netPart 9 report using vb.net
Part 9 report using vb.net
 
Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015 Data Redaction - OTN TOUR LA 2015
Data Redaction - OTN TOUR LA 2015
 
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should Know
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should KnowDBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should Know
DBA Brasil 1.0 - DBA Commands and Concepts That Every Developer Should Know
 
Thirupavai
ThirupavaiThirupavai
Thirupavai
 
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...
How to become an Oracle Certified Master - GUOB Tech Day - OTN TOUR LA Brazil...
 
Oracle Database 12.1.0.2 New Features
Oracle Database 12.1.0.2 New FeaturesOracle Database 12.1.0.2 New Features
Oracle Database 12.1.0.2 New Features
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data Redaction
 
Create lable security
Create lable security Create lable security
Create lable security
 
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014
Flex Cluster e Flex ASM - GUOB Tech Day - OTN TOUR LA Brazil 2014
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data Redaction
 
Migrate 10TB to Exadata -- Tips and Tricks
Migrate 10TB to Exadata -- Tips and TricksMigrate 10TB to Exadata -- Tips and Tricks
Migrate 10TB to Exadata -- Tips and Tricks
 
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
 

Ähnlich wie Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Some easyways to make your DB more secure.pdf

Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)Ramesh Nagappan
 
Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Connor McDonald
 
Best Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsBest Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsEstuate, Inc.
 
[db tech showcase Tokyo 2018] #dbts2018 #B31 『1,2,3 and Done! 3 easy ways to ...
[db tech showcase Tokyo 2018] #dbts2018 #B31 『1,2,3 and Done! 3 easy ways to ...[db tech showcase Tokyo 2018] #dbts2018 #B31 『1,2,3 and Done! 3 easy ways to ...
[db tech showcase Tokyo 2018] #dbts2018 #B31 『1,2,3 and Done! 3 easy ways to ...Insight Technology, Inc.
 
DOAG Oracle Database Vault
DOAG Oracle Database VaultDOAG Oracle Database Vault
DOAG Oracle Database VaultStefan Oehrli
 
security-checklist-database
security-checklist-databasesecurity-checklist-database
security-checklist-databaseMohsen B
 
Innovations dbsec-12c-pub
Innovations dbsec-12c-pubInnovations dbsec-12c-pub
Innovations dbsec-12c-pubOracleIDM
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...InSync2011
 
Presentation deploying oracle database 11g securely on oracle solaris
Presentation deploying oracle database 11g securely on oracle solarisPresentation deploying oracle database 11g securely on oracle solaris
Presentation deploying oracle database 11g securely on oracle solarisxKinAnx
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingDLT Solutions
 
Oracle storage best of-breed, best for oracle
Oracle storage best of-breed, best for oracleOracle storage best of-breed, best for oracle
Oracle storage best of-breed, best for oraclesolarisyougood
 
Dr3150012012202 1.getting started
Dr3150012012202 1.getting startedDr3150012012202 1.getting started
Dr3150012012202 1.getting startedNamgu Jeong
 
Oracle 10g sql fundamentals i
Oracle 10g sql fundamentals iOracle 10g sql fundamentals i
Oracle 10g sql fundamentals iManaswi Sharma
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cTroy Kitch
 
A33 tips and best practice for db as by francisco alvarez
A33 tips and best practice for db as by francisco alvarezA33 tips and best practice for db as by francisco alvarez
A33 tips and best practice for db as by francisco alvarezInsight Technology, Inc.
 
I/O Microbenchmarking with Oracle in Mind
I/O Microbenchmarking with Oracle in MindI/O Microbenchmarking with Oracle in Mind
I/O Microbenchmarking with Oracle in MindBob Sneed
 

Ähnlich wie Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Some easyways to make your DB more secure.pdf (20)

Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
 
Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015
 
Best Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsBest Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security Products
 
[db tech showcase Tokyo 2018] #dbts2018 #B31 『1,2,3 and Done! 3 easy ways to ...
[db tech showcase Tokyo 2018] #dbts2018 #B31 『1,2,3 and Done! 3 easy ways to ...[db tech showcase Tokyo 2018] #dbts2018 #B31 『1,2,3 and Done! 3 easy ways to ...
[db tech showcase Tokyo 2018] #dbts2018 #B31 『1,2,3 and Done! 3 easy ways to ...
 
DOAG Oracle Database Vault
DOAG Oracle Database VaultDOAG Oracle Database Vault
DOAG Oracle Database Vault
 
Extensibility in the cloud – power to the business user
Extensibility in the cloud – power to the business userExtensibility in the cloud – power to the business user
Extensibility in the cloud – power to the business user
 
security-checklist-database
security-checklist-databasesecurity-checklist-database
security-checklist-database
 
Innovations dbsec-12c-pub
Innovations dbsec-12c-pubInnovations dbsec-12c-pub
Innovations dbsec-12c-pub
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
 
Vault_KT.pptx
Vault_KT.pptxVault_KT.pptx
Vault_KT.pptx
 
Presentation deploying oracle database 11g securely on oracle solaris
Presentation deploying oracle database 11g securely on oracle solarisPresentation deploying oracle database 11g securely on oracle solaris
Presentation deploying oracle database 11g securely on oracle solaris
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and Masking
 
Oracle storage best of-breed, best for oracle
Oracle storage best of-breed, best for oracleOracle storage best of-breed, best for oracle
Oracle storage best of-breed, best for oracle
 
Dr3150012012202 1.getting started
Dr3150012012202 1.getting startedDr3150012012202 1.getting started
Dr3150012012202 1.getting started
 
Oracle Cloud Backup
Oracle Cloud BackupOracle Cloud Backup
Oracle Cloud Backup
 
Oracle 10g sql fundamentals i
Oracle 10g sql fundamentals iOracle 10g sql fundamentals i
Oracle 10g sql fundamentals i
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
 
A33 tips and best practice for db as by francisco alvarez
A33 tips and best practice for db as by francisco alvarezA33 tips and best practice for db as by francisco alvarez
A33 tips and best practice for db as by francisco alvarez
 
Performance in the Oracle Cloud
Performance in the Oracle CloudPerformance in the Oracle Cloud
Performance in the Oracle Cloud
 
I/O Microbenchmarking with Oracle in Mind
I/O Microbenchmarking with Oracle in MindI/O Microbenchmarking with Oracle in Mind
I/O Microbenchmarking with Oracle in Mind
 

Mehr von InSync2011

Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...InSync2011
 
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdfNew & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdfInSync2011
 
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdfOracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdfInSync2011
 
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdfReporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdfInSync2011
 
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...InSync2011
 
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...InSync2011
 
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...InSync2011
 
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...InSync2011
 
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...InSync2011
 
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdfDatabase & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdfInSync2011
 
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdfDatabase & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdfInSync2011
 
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...InSync2011
 
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...InSync2011
 
Developer and Fusion Middleware 1 _ Paul Ricketts _ Paper Process Automation ...
Developer and Fusion Middleware 1 _ Paul Ricketts _ Paper Process Automation ...Developer and Fusion Middleware 1 _ Paul Ricketts _ Paper Process Automation ...
Developer and Fusion Middleware 1 _ Paul Ricketts _ Paper Process Automation ...InSync2011
 
Developer and Fusion Middleware 1 | Mark Nelson | Continuous Integration for ...
Developer and Fusion Middleware 1 | Mark Nelson | Continuous Integration for ...Developer and Fusion Middleware 1 | Mark Nelson | Continuous Integration for ...
Developer and Fusion Middleware 1 | Mark Nelson | Continuous Integration for ...InSync2011
 
Developer and Fusion Middleware 2 _Alex Peattie _ An introduction to Oracle S...
Developer and Fusion Middleware 2 _Alex Peattie _ An introduction to Oracle S...Developer and Fusion Middleware 2 _Alex Peattie _ An introduction to Oracle S...
Developer and Fusion Middleware 2 _Alex Peattie _ An introduction to Oracle S...InSync2011
 
Developer and Fusion Middleware 1 _ Christian Ledwidge _ Application Performa...
Developer and Fusion Middleware 1 _ Christian Ledwidge _ Application Performa...Developer and Fusion Middleware 1 _ Christian Ledwidge _ Application Performa...
Developer and Fusion Middleware 1 _ Christian Ledwidge _ Application Performa...InSync2011
 
Developer and Fusion Middleware 1 | Mark Lancaster | Building advanced APEX 4...
Developer and Fusion Middleware 1 | Mark Lancaster | Building advanced APEX 4...Developer and Fusion Middleware 1 | Mark Lancaster | Building advanced APEX 4...
Developer and Fusion Middleware 1 | Mark Lancaster | Building advanced APEX 4...InSync2011
 
Oracle Systems _ Jeff Schwartz _ Engineering Solutions Exadata - Exalogic.pdf
Oracle Systems _ Jeff Schwartz _ Engineering Solutions Exadata - Exalogic.pdfOracle Systems _ Jeff Schwartz _ Engineering Solutions Exadata - Exalogic.pdf
Oracle Systems _ Jeff Schwartz _ Engineering Solutions Exadata - Exalogic.pdfInSync2011
 
Oracle Systems _ David Baker _ Best Practices for Simplifying Implementation ...
Oracle Systems _ David Baker _ Best Practices for Simplifying Implementation ...Oracle Systems _ David Baker _ Best Practices for Simplifying Implementation ...
Oracle Systems _ David Baker _ Best Practices for Simplifying Implementation ...InSync2011
 

Mehr von InSync2011 (20)

Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
 
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdfNew & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
 
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdfOracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
 
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdfReporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
 
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
 
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
 
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
 
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
 
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
 
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdfDatabase & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
 
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdfDatabase & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
 
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
 
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
 
Developer and Fusion Middleware 1 _ Paul Ricketts _ Paper Process Automation ...
Developer and Fusion Middleware 1 _ Paul Ricketts _ Paper Process Automation ...Developer and Fusion Middleware 1 _ Paul Ricketts _ Paper Process Automation ...
Developer and Fusion Middleware 1 _ Paul Ricketts _ Paper Process Automation ...
 
Developer and Fusion Middleware 1 | Mark Nelson | Continuous Integration for ...
Developer and Fusion Middleware 1 | Mark Nelson | Continuous Integration for ...Developer and Fusion Middleware 1 | Mark Nelson | Continuous Integration for ...
Developer and Fusion Middleware 1 | Mark Nelson | Continuous Integration for ...
 
Developer and Fusion Middleware 2 _Alex Peattie _ An introduction to Oracle S...
Developer and Fusion Middleware 2 _Alex Peattie _ An introduction to Oracle S...Developer and Fusion Middleware 2 _Alex Peattie _ An introduction to Oracle S...
Developer and Fusion Middleware 2 _Alex Peattie _ An introduction to Oracle S...
 
Developer and Fusion Middleware 1 _ Christian Ledwidge _ Application Performa...
Developer and Fusion Middleware 1 _ Christian Ledwidge _ Application Performa...Developer and Fusion Middleware 1 _ Christian Ledwidge _ Application Performa...
Developer and Fusion Middleware 1 _ Christian Ledwidge _ Application Performa...
 
Developer and Fusion Middleware 1 | Mark Lancaster | Building advanced APEX 4...
Developer and Fusion Middleware 1 | Mark Lancaster | Building advanced APEX 4...Developer and Fusion Middleware 1 | Mark Lancaster | Building advanced APEX 4...
Developer and Fusion Middleware 1 | Mark Lancaster | Building advanced APEX 4...
 
Oracle Systems _ Jeff Schwartz _ Engineering Solutions Exadata - Exalogic.pdf
Oracle Systems _ Jeff Schwartz _ Engineering Solutions Exadata - Exalogic.pdfOracle Systems _ Jeff Schwartz _ Engineering Solutions Exadata - Exalogic.pdf
Oracle Systems _ Jeff Schwartz _ Engineering Solutions Exadata - Exalogic.pdf
 
Oracle Systems _ David Baker _ Best Practices for Simplifying Implementation ...
Oracle Systems _ David Baker _ Best Practices for Simplifying Implementation ...Oracle Systems _ David Baker _ Best Practices for Simplifying Implementation ...
Oracle Systems _ David Baker _ Best Practices for Simplifying Implementation ...
 

Kürzlich hochgeladen

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Kürzlich hochgeladen (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Some easyways to make your DB more secure.pdf

  • 1. ORACLE  SECURITY       Francisco  Munoz  Alvarez       Oracle  ACE  Director   President  CLOUG,  LAOUC  &  NZOUG   8/9/10g/11g  OCP,  RAC  OCE,  AS  OCA,  E-­‐Business  OCP,  SQL/PLSQL  OCA,  Oracle  7  OCM   Oracle  7  &  11GR2  Beta  Tester   ITIL  CerKfied   2010  Oracle  Ace  Director  of  the  year  by  Oracle  Magazine     Blog:  www.oraclenz.com        -­‐    Email:  mbatec@hotmail.com    –  TwiXer  :  fcomunoz   Blog:  www.oracleenespanol.com    -­‐  Comunidad  Oracle:    www.oraclemania.ning.com       Oracle  Professional  Services  Manager   Revera     www.revera.co.nz      
  • 2. ORACLE  SECURITY  TIPS           Insync 2011 Sydney, Australia           By:   Francisco  Munoz  Alvarez    
  • 3. Mature   Born  here   Grow  up   Got  Married  Here   Now  Living  here   here   here   DBIS - Copyright 2010 3
  • 4. The  Rule:       “The  most  important  rule  with  respect  to  data  is   to   never   put   yourself   into   an   unrecoverable   situaKon.”       The  importance  of  this  guideline  cannot  be     stressed  enough,  but  it  does  not  mean  that   you   can   never   use   time   saving   or   performance  enhancing  options.    
  • 5. Always Try it Before!   When  it  comes  to  theory,  “NEVER”  believe  anything  you  hear   or  read  unKl  you  have  tried  it  yourself.       5
  • 6. 6
  • 7. Backup, Backup & Backup Why?  Because  bad  stuff   happens…     7
  • 10. OFFICIAL  STATISTICS   from  Secret  Service  Germany  
  • 20. Security  Data  in  Rest/Access  Control  
  • 22. What  Security  Problems  does  ASO   solve?  
  • 24. TDE  –  Transparent  Data  EncrypBon  
  • 25. TDE  –  Transparent  Data  EncrypBon  
  • 26. TDE  –  Transparent  Data  EncrypBon  
  • 27. SECURING  DATA  IN  MOTION  
  • 30. SECURING  BACKUP   Examples  
  • 33. PREVENT  MODIFICATIONS  BY   UNAUTHORIZED  USERS  
  • 34. WHAT  IS  DATA  VAULT?  
  • 35. DATA  VAULT  HELP  TO  SOLVE:  
  • 36. DATA  VAULT  Vs   VPD  and  OLS  
  • 37. DATABASE  VAULT  Realms  and  Rule  
  • 40. HIGHLY  SECURED  ENVIROMENTS   AUDIT  VALT  
  • 42. AUDIT  VAULT  REPORTS   Who,  What,  When,  Where    
  • 46. Some  Oracle  Security  Tips   1)  Grant  privileges  only  to  a  user  or  applicaKon   which   requires   the   privilege   to   accomplish   necessary   work.   Excessive   granKng   of   unnecessary   privileges   can   compromise   security.    
  • 47. Some  Oracle  Security  Tips   2)No   administraKve   funcKons   are   to   be   performed   by   an   applicaKon.     For   example   create   user,   delete   user,   grant   role,   grant   object  privileges,  etc.      
  • 48. Some  Oracle  Security  Tips   3)   Privileges   for   schema   or   database   owner   objects   should   be   granted   via   a   role   and   not   explicitly.    Do  not  use  the  “ALL”  opKon  when   granKng   object   privileges,   instead   specify   the   exact  privilege  needed,  such  as  select,  update,   insert,  delete.      
  • 49. Some  Oracle  Security  Tips   4 ) P a s s w o r d   p r o t e c t e d   r o l e s   m a y   b e   implemented   to   allow   an   applicaKon   to   control  access  to  its  data.    Thereby,  end  users   may   not   access   the   applicaKon’s   data   from   outside  the  applicaKon.      
  • 50. Some  Oracle  Security  Tips   5)Access   to   AdministraKve   or   System   user   accounts   should   be   restricted   to   authorized   DBAs.        
  • 51. Some  Oracle  Security  Tips   6)  Do  not  grant  system  supplied  database  roles.   These  roles  may  have  administraKve  privileges   and   the   role   privileges   may   change   with   new   releases  of  the  database.          
  • 52. Some  Oracle  Security  Tips   7)  Database  catalog  access  should  be  restricted.     Example:   Use   “USER_VIEWS”   instead   of   “DBA_VIEWS”  for  an  Oracle  database.            
  • 53. Some  Oracle  Security  Tips   8)  Privileges  granted  to  PUBLIC  are  accessible  to   every   user   and   should   be   granted   only   when   necessary.        
  • 54. Some  Oracle  Security  Tips   9)   Any   password   stored   by   applicaKons   in   the   database  should  be  encrypted.          
  • 55. Some  Oracle  Security  Tips   10)   ApplicaKons   should   not   “DROP”,   “CREATE”   or  “ALTER”  objects  within  the  applicaKon.          
  • 56. Some  Oracle  Security  Tips   11)  UKlize  the  shared  database  infrastructure  to   share  cost  whenever  possible.            
  • 57. Some  Oracle  Security  Tips   12)  ApplicaKons  should  not  access  the  database   with   the   same   security   as   the   owner   of   the   database   objects.   For   example   on   SQL   Server   do   not   grant   the   “dbowner”   role   and   on   Oracle   do   not   use   the   Schema   userid   to   connect  to  the  database.  Setup  another  userid   with   the   necessary   privileges   to   run   the   applicaKon.    
  • 58. Some  Oracle  Security  Tips   13)   Database   integrity   should   be   enforced   on   the   database   using   foreign   keys   not   in   the   applicaKon   code.   This   helps   prevent   code   outside   the   applicaKon   from   creaKng   orphan   records  and/or  invalid  data.        
  • 59. Some  Oracle  Security  Tips   14)   Do   not   hard   code   username   and   passwords   in   the   applicaKon  source  code.     •  Sqlplus  /nolog  @myscript   –  Create  a  password  file  (.password)    fmunoz      evelyn    scoX    Kger   –  Create  a  shell  script  getpwd.sh    fgrep  $1  $HOME/tools/.password  |  cut  –d  “  “  –f2   –  Use  the  script  and  the  password  file   Getpwd.sh  fmunoz  |  sqlplus  –s  fmunoz  @script   •  RMAN    rman  target  /    connect  catalog  user/pwd@catdb        
  • 60. Some  Oracle  Security  Tips   15)  Protect  your  Listener  (Cont.):   –  LSNRCTL>  Set  Current  Listener  <ip_address>   –  LSNRCTL>  Set  rawmode  on   –  LSNRCTL>  Services   –  LSNRCTL>  Stop   –  LSNRCTL>  Set  startup_waitme  20   –  LSNRCTL>  Set  logfile  redo01a   –  LSNRCTL>  Set  log_directory  ‘/u01/app/oracle/redo’  
  • 61. Some  Oracle  Security  Tips   15)  Protect  your  Listener:   –   Disable  online  modificaKons   •  LSNRCTL>  Admin_restricKons  _<listener_name>=ON   •  LSNRCTL>  Change_password   •  LSNRCTL>  Save_config        
  • 62. Some  Oracle  Security  Tips   16)   Ensure   external   users   have   the   least   privilege  possible.              
  • 63. Some  Oracle  Security  Tips   17)   Have   a   clear   and   well   documented   Backup   and  Recovery  Strategy              
  • 64. Some  Oracle  Security  Tips   18)   Implement   an   strong   password   policy   (user   profile)   and   force   all   users   to   change   their   passwords  constantly  .            
  • 65. Some  Oracle  Security  Tips   19)  All  important  passwords  need  to  be  saved  in   a  safe  and  replaced  when  changed.              
  • 66. Some  Oracle  Security  Tips   20)  Install  only  what’s  really  required.              
  • 67. Some  Oracle  Security  Tips   21)   Implement   Audit,   soon   or   later   you   will   be   ask   to   tell   who   changed   that.   Please,   implement  a  purge  strategy.            
  • 68. Some  Oracle  Security  Tips   22)   Create   promoKon   procedures   (DEV-­‐>TEST-­‐ >PROD),   lock   your   producKon   environment   and   test   environment.   Don’t   forget   to   implement  and  document  a  change  register.          
  • 69. Some  Oracle  Security  Tips   23)  Implement  an  Indirect  Login  Policy   –  Each  user  have  their  own  login  account   –  Allow   connecKons   to   oracle   account   (OS)   only   thru  sudo   –  This  will  leaves  an  audit  trail  of  acKons        
  • 70. Some  Oracle  Security  Tips   24)  Prevent  SYSDBA  connecKon   –  Sqlplus  /  as  sysdba   •  Change  SQLNET.ORA  SQLNET.AUTHENTICATION_SERVICES=(NONE)            
  • 71. Some  Oracle  Security  Tips   25)  Avoid  Risk  ConnecKons  (Ext.  Procedures)   –  Listener.ora   •  (ADDRESS_LIST  =    (ADDRESS  =  (PROTOCOL  =  IPC)                                                (KEY    =    EXTPROC))     Remove  this  lines,  or  move  to  a  different  listener        
  • 72. Some  Oracle  Security  Tips   26)  Enable  Data  DicKonary  ProtecKon     Oracle  Recommends  that  customers  implement  data  dicKonary  protecKon  to  prevent   users  who  have  the  “ANY”  system  privileges  to  modify  or  harm  the  Oracle  data  dicKonary.     Set  07_DICTIONARY_ACCESSIBILITY  parameter  to  FALSE.        
  • 73.          PROGRAM   The Oracle ACE Program is designed to recognize and reward members of the Oracle Technology and Applications communities for their contributions to those communities. These individuals are technically proficient (when applicable) and willingly share their knowledge and experiences. The program comprises two levels: Oracle ACE and Oracle ACE Director. The former designation is Oracle's way of saying "thank you" to community contributors for their efforts; we (and the community) appreciate their enthusiasm. The latter designation is for community enthusiasts who not only share their knowledge (usually in extraordinary ways), but also want to increase their community advocacy and work more proactively with Oracle to find opportunities for the same. In this sense, Oracle ACE is "backward looking" and Oracle ACE Director is "forward looking."
  • 74.          PROGRAM  
  • 75.          PROGRAM  
  • 76.          PROGRAM