Oracle Database Security Guide E36292Database
Oracle%C2%AE%20Database%20Security%20Guide%20%2011g%20Release%202%20(11.2)
User Manual:
Open the PDF directly: View PDF
Page Count: 444 [warning: Documents this large are best viewed by clicking the View PDF Link!]
- Contents
- Preface
- What's New in Oracle Database Security?
- 1 Introducing Oracle Database Security
- 2 Managing Security for Oracle Database Users
- About User Security
- Creating User Accounts
- Altering User Accounts
- Configuring User Resource Limits
- Deleting User Accounts
- Finding Information About Database Users and Profiles
- 3 Configuring Authentication
- About Authentication
- Configuring Password Protection
- What Are the Oracle Database Built-in Password Protections?
- Minimum Requirements for Passwords
- Using a Password Management Policy
- About Managing Passwords
- Finding User Accounts That Have Default Passwords
- Configuring Password Settings in the Default Profile
- Disabling and Enabling the Default Password Security Settings
- Automatically Locking a User Account After a Failed Login
- Controlling User Ability to Reuse Previous Passwords
- Controlling Password Aging and Expiration
- Password Change Life Cycle
- Setting the PASSWORD_LIFE_TIME Profile Parameter to a Low Value
- Enforcing Password Complexity Verification
- Enabling or Disabling Password Case Sensitivity
- Ensuring Against Password Security Threats by Using the SHA-1 Hashing Algorithm
- Managing the Secure External Password Store for Password Credentials
- Authenticating Database Administrators
- Using the Database to Authenticate Users
- Using the Operating System to Authenticate Users
- Using the Network to Authenticate Users
- Configuring Global User Authentication and Authorization
- Configuring an External Service to Authenticate Users and Passwords
- Using Multitier Authentication and Authorization
- Preserving User Identity in Multitiered Environments
- Using a Middle Tier Server for Proxy Authentication
- About Proxy Authentication
- Advantages of Proxy Authentication
- Who Can Create Proxy User Accounts?
- Creating Proxy User Accounts and Authorizing Users to Connect Through Them
- Using Proxy Authentication with the Secure External Password Store
- Passing Through the Identity of the Real User by Using Proxy Authentication
- Limiting the Privilege of the Middle Tier
- Authorizing a Middle Tier to Proxy and Authenticate a User
- Authorizing a Middle Tier to Proxy a User Authenticated by Other Means
- Reauthenticating the User Through the Middle Tier to the Database
- Using Client Identifiers to Identify Application Users Not Known to the Database
- Using a Middle Tier Server for Proxy Authentication
- Finding Information About User Authentication
- 4 Configuring Privilege and Role Authorization
- About Privileges and Roles
- Who Should Be Granted Privileges?
- Granting the SYSDBA and SYSOPER Administrative Privileges to Users
- Managing System Privileges
- Managing User Roles
- Managing Object Privileges
- About Object Privileges
- Granting or Revoking Object Privileges
- Managing Object Privileges
- Managing Table Privileges
- Managing View Privileges
- Managing Procedure Privileges
- Using the EXECUTE Privilege for Procedure Privileges
- Procedure Execution and Security Domains
- How Procedure Privileges Affect Definer’s Rights
- How Procedure Privileges Affect Invoker’s Rights
- System Privileges Required to Create or Replace a Procedure
- System Privileges Required to Compile a Procedure
- How Procedure Privileges Affect Packages and Package Objects
- Managing Type Privileges
- Granting a User Privileges and Roles
- Revoking Privileges and Roles from a User
- Granting to and Revoking from the PUBLIC Role
- Granting Roles Using the Operating System or Network
- About Granting Roles Using the Operating System or Network
- Using Operating System Role Identification
- Using Operating System Role Management
- Granting and Revoking Roles When OS_ROLES Is Set to TRUE
- Enabling and Disabling Roles When OS_ROLES Is Set to TRUE
- Using Network Connections with Operating System Role Management
- When Do Grants and Revokes Take Effect?
- Managing Fine-Grained Access in PL/SQL Packages and Types
- About Fine-Grained Access Control to External Network Services
- About Access Control to Wallets
- Upgrading Applications That Depend on Packages That Use External Network Services
- Creating an Access Control List for External Network Services
- Configuring Access Control to a Wallet
- Examples of Creating Access Control Lists
- Example of an Access Control List for a Single Role and Network Connection
- Example of an Access Control List with Multiple Roles Assigned to Multiple Hosts
- Example of an Access Control List for Using Passwords in a Non-Shared Wallet
- Example of an Access Control List for Wallets in a Shared Database Session
- Specifying a Group of Network Host Computers
- Precedence Order for a Host Computer in Multiple Access Control List Assignments
- Precedence Order for a Host in Access Control List Assignments with Port Ranges
- Checking Privilege Assignments That Affect User Access to a Network Host
- Setting the Precedence of Multiple Users and Roles in One Access Control List
- Finding Information About Access Control Lists Configured for User Access
- Finding Information About User Privileges and Roles
- 5 Managing Security for Application Developers
- About Application Security Policies
- Considerations for Using Application-Based Security
- Securing Passwords in Application Design
- Managing Application Privileges
- Creating Secure Application Roles to Control Access to Applications
- Associating Privileges with User Database Roles
- Protecting Database Objects by Using Schemas
- Managing Object Privileges in an Application
- Parameters for Enhanced Security of Database Communication
- Reporting Bad Packets Received on the Database from Protocol Errors
- Terminating or Resuming Server Execution After Receiving a Bad Packet
- Configuring the Maximum Number of Authentication Attempts
- Controlling the Display of the Database Version Banner
- Configuring Banners for Unauthorized Access and Auditing User Actions
- 6 Using Application Contexts to Retrieve User Information
- About Application Contexts
- Types of Application Contexts
- Using Database Session-Based Application Contexts
- About Database Session-Based Application Contexts
- Creating a Database Session-Based Application Context
- Creating a PL/SQL Package to Set the Database Session-Based Application Context
- Creating a Logon Trigger to Run a Database Session Application Context Package
- Tutorial: Creating and Using a Database Session-Based Application Context
- About This Tutorial
- Step 1: Create User Accounts and Ensure the User SCOTT Is Active
- Step 2: Create the Database Session-Based Application Context
- Step 3: Create a Package to Retrieve Session Data and Set the Application Context
- Step 4: Create a Logon Trigger for the Package
- Step 5: Test the Application Context
- Step 6: Remove the Components for This Tutorial
- Initializing Database Session-Based Application Contexts Externally
- Initializing Database Session-Based Application Contexts Globally
- Using Externalized Database Session-Based Application Contexts
- Using Global Application Contexts
- About Global Application Contexts
- Using Global Application Contexts in an Oracle Real Application Clusters Environment
- Creating a Global Application Context
- Creating a PL/SQL Package to Manage a Global Application Context
- About the Package That Manages the Global Application Context
- How Editions Affects the Results of a Global Application Context PL/SQL Package
- Setting the DBMS_SESSION.SET_CONTEXT username and client_id Parameters
- Sharing Global Application Context Values for All Database Users
- Setting a Global Context for Database Users Who Move Between Applications
- Setting a Global Application Context for Nondatabase Users
- Clearing Session Data When the Session Closes
- Embedding Calls in Middle-Tier Applications to Manage the Client Session ID
- Tutorial: Creating a Global Application Context That Uses a Client Session ID
- Global Application Context Processes
- Using Client Session-Based Application Contexts
- Finding Information About Application Contexts
- 7 Using Oracle Virtual Private Database to Control Data Access
- About Oracle Virtual Private Database
- Components of an Oracle Virtual Private Database Policy
- Configuring an Oracle Virtual Private Database Policy
- About Oracle Virtual Private Database Policies
- Attaching a Policy to a Database Table, View, or Synonym
- Enforcing Policies on Specific SQL Statement Types
- Controlling the Display of Column Data with Policies
- Working with Oracle Virtual Private Database Policy Groups
- Optimizing Performance by Using Oracle Virtual Private Database Policy Types
- About Oracle Virtual Private Database Policy Types
- Using the Dynamic Policy Type to Automatically Rerun Policy Functions
- Using a Static Policy to Prevent Policy Functions from Rerunning for Each Query
- Using a Shared Static Policy to Share a Policy with Multiple Objects
- When to Use Static and Shared Static Policies
- Using a Context-Sensitive Policy for Predicates That Do Not Change After Parsing
- Using a Shared Context Sensitive Policy to Share a Policy with Multiple Objects
- When to Use Context-Sensitive and Shared Context-Sensitive Policies
- Summary of the Five Oracle Virtual Private Database Policy Types
- Tutorials: Creating Oracle Virtual Private Database Policies
- Tutorial: Creating a Simple Oracle Virtual Private Database Policy
- Tutorial: Implementing a Policy with a Database Session-Based Application Context
- About This Tutorial
- Step 1: Create User Accounts and Sample Tables
- Step 2: Create a Database Session-Based Application Context
- Step 3: Create a PL/SQL Package to Set the Application Context
- Step 4: Create a Logon Trigger to Run the Application Context PL/SQL Package
- Step 5: Create a PL/SQL Policy Function to Limit User Access to Their Orders
- Step 6: Create the New Security Policy
- Step 7: Test the New Policy
- Step 8: Remove the Components for This Tutorial
- Tutorial: Implementing an Oracle Virtual Private Database Policy Group
- About This Tutorial
- Step 1: Create User Accounts and Other Components for This Tutorial
- Step 2: Create the Two Policy Groups
- Step 3: Create PL/SQL Functions to Control the Policy Groups
- Step 4: Add the PL/SQL Functions to the Policy Groups
- Step 5: Create the Driving Application Context
- Step 6: Test the Policy Groups
- Step 7: Remove the Components for This Tutorial
- How Oracle Virtual Private Database Works with Other Oracle Features
- Using Oracle Virtual Private Database Policies with Editions
- Using SELECT FOR UPDATE in User Queries on VPD-Protected Tables
- How Oracle Virtual Private Database Policies Affect Outer or ANSI Join Operations
- How Oracle Virtual Private Database Security Policies Work with Applications
- Using Automatic Reparsing for Fine-Grained Access Control Policy Functions
- Using Oracle Virtual Private Database Policies and Flashback Query
- Using Oracle Virtual Private Database and Oracle Label Security
- Exporting Data Using the EXPDP Utility access_method Parameter
- User Models and Oracle Virtual Private Database
- Finding Information About Oracle Virtual Private Database Policies
- 8 Developing Applications Using the Data Encryption API
- Security Problems That Encryption Does Not Solve
- Data Encryption Challenges
- Storing Data Encryption by Using the DBMS_CRYPTO Package
- Examples of Using the Data Encryption API
- Finding Information About Encrypted Data
- 9 Verifying Security Access with Auditing
- About Auditing
- Selecting an Auditing Type
- Auditing General Activities with Standard Auditing
- About Standard Auditing
- Configuring Standard Auditing with the AUDIT_TRAIL Initialization Parameter
- What Do the Operating System and Database Audit Trails Have in Common?
- Using the Operating System Audit Trail
- Using the Syslog Audit Trail on UNIX Systems
- How the AUDIT and NOAUDIT SQL Statements Work
- Enabling Standard Auditing with the AUDIT SQL Statement
- Auditing Statement Executions: Successful, Unsuccessful, or Both
- How Standard Audit Records Are Generated
- How Do Cursors Affect Standard Auditing?
- Benefits of Using the BY ACCESS Clause in the AUDIT Statement
- Auditing Actions Performed by Specific Users
- Removing the Audit Option with the NOAUDIT SQL Statement
- Auditing SQL Statements
- Auditing Privileges
- Auditing SQL Statements and Privileges in a Multitier Environment
- Auditing Schema Objects
- About Schema Object Auditing
- Types of Schema Objects That Can Be Audited
- Using Standard Auditing with Editioned Objects
- Schema Object Audit Options for Views, Procedures, and Other Elements
- Configuring Schema Object Auditing
- Removing Object Auditing
- Setting Audit Options for Objects That May Be Created in the Future
- Auditing Directory Objects
- Auditing Functions, Procedures, Packages, and Triggers
- Auditing Network Activity
- Using Default Auditing for Security-Relevant SQL Statements and Privileges
- Auditing Specific Activities with Fine-Grained Auditing
- About Fine-Grained Auditing
- Where Are Fine-Grained Audit Records Stored?
- Advantages of Fine-Grained Auditing
- What Permissions Are Needed to Create a Fine-Grained Audit Policy?
- Activities That Are Always Audited in Fine-Grained Auditing
- Using Fine-Grained Audit Policies with Editions
- Creating an Audit Trail for Fine-Grained Audit Records
- How the Fine-Grained Audit Trail Generates Records
- Using the DBMS_FGA Package to Manage Fine-Grained Audit Policies
- Tutorial: Adding an Email Alert to a Fine-Grained Audit Policy
- About This Tutorial
- Step 1: Install and Configure the UTL_MAIL PL/SQL Package
- Step 2: Create User Accounts
- Step 3: Configure an Access Control List File for Network Services
- Step 4: Create the Email Security Alert PL/SQL Procedure
- Step 5: Create and Test the Fine-Grained Audit Policy Settings
- Step 6: Test the Alert
- Step 7: Remove the Components for This Tutorial
- Tutorial: Auditing Nondatabase Users
- Auditing SYS Administrative Users
- Using Triggers to Write Audit Data to a Separate Table
- Managing Audit Trail Records
- Purging Audit Trail Records
- About Purging Audit Trail Records
- Selecting an Audit Trail Purge Method
- Scheduling an Automatic Purge Job for the Audit Trail
- Step 1: If Necessary, Tune Online and Archive Redo Log Sizes
- Step 2: Plan a Timestamp and Archive Strategy
- Step 3: Initialize the Audit Trail Cleanup Operation
- Step 4: Optionally, Set an Archive Timestamp for Audit Records
- Step 5: Create and Schedule the Purge Job
- Step 6: Optionally, Configure the Audit Trail Records to be Deleted in Batches
- Manually Purging the Audit Trail
- Purging a Subset of Records from the Database Audit Trail
- Other Audit Trail Purge Operations
- Verifying That the Audit Trail Is Initialized for Cleanup
- Setting the Default Audit Trail Purge Interval for Any Audit Trail Type
- Cancelling the Initialization Cleanup Settings
- Enabling or Disabling an Audit Trail Purge Job
- Setting the Default Audit Trail Purge Job Interval for a Specified Purge Job
- Deleting an Audit Trail Purge Job
- Clearing the Archive Timestamp Setting
- Clearing the Database Audit Trail Batch Size
- Example: Directly Calling a Database Audit Trail Purge Operation
- Finding Information About Audited Activities
- 10 Keeping Your Oracle Database Secure
- About the Security Guidelines in This Chapter
- Downloading Security Patches and Contacting Oracle Regarding Vulnerabilities
- Guidelines for Securing User Accounts and Privileges
- Guidelines for Securing Roles
- Guidelines for Securing Passwords
- Guidelines for Securing Data
- Guidelines for Securing the ORACLE_LOADER Access Driver
- Guidelines for Securing a Database Installation and Configuration
- Guidelines for Securing the Network
- Guidelines for Auditing
- Addressing the CONNECT Role Change
- Glossary
- Index