47,99 €
Mehr erfahren.
- Herausgeber: Packt Publishing
- Kategorie: Wissenschaft und neue Technologien
- Sprache: Englisch
Secure your Oracle Database 12c with this valuable Oracle support resource, featuring more than 100 solutions to the challenges of protecting your data
About This Book
- Explore and learn the new security features introduced in Oracle Database 12c, to successfully secure your sensitive data
- Learn how to identify which security strategy is right for your needs – and how to apply it
- Each recipe' provides you with a single step-by-step solution, making this book a vital resource, delivering Oracle support in one accessible place
Who This Book Is For
This book is for DBAs, developers, and architects who are keen to know more about security in Oracle Database 12c. This book is best suited for beginners and intermediate-level database security practitioners. Basic knowledge of Oracle Database is expected, but no prior experience of securing a database is required.
What You Will Learn
- Analyze application privileges and reduce the attack surface
- Reduce the risk of data exposure by using Oracle Data Redaction and Virtual Private Database
- Control data access and integrity in your organization using the appropriate database feature or option
- Learn how to protect your databases against application bypasses
- Audit user activity using the new auditing architecture
- Restrict highly privileged users from accessing data
- Encrypt data in Oracle Database
- Work in a real-world environment where a multi-layer security strategy is applied
In Detail
Businesses around the world are paying much greater attention toward database security than they ever have before. Not only does the current regulatory environment require tight security, particularly when dealing with sensitive and personal data, data is also arguably a company's most valuable asset - why wouldn't you want to protect it in a secure and reliable database? Oracle Database lets you do exactly that. It's why it is one of the world's leading databases – with a rich portfolio of features to protect data from contemporary vulnerabilities, it's the go-to database for many organizations.
Oracle Database 12c Security Cookbook helps DBAs, developers, and architects to better understand database security challenges. Let it guide you through the process of implementing appropriate security mechanisms, helping you to ensure you are taking proactive steps to keep your data safe. Featuring solutions for common security problems in the new Oracle Database 12c, with this book you can be confident about securing your database from a range of different threats and problems.
Style and approach
Each chapter explains the different aspects of security through a series of recipes. Each recipe presents instructions in a step-by-step manner, supported by explanations of the topic.
Sie lesen das E-Book in den Legimi-Apps auf:
Seitenzahl: 241
Veröffentlichungsjahr: 2016
Ähnliche
Table of Contents
Oracle Database 12c Security Cookbook
Oracle Database 12c Security Cookbook
Copyright © 2016 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: May 2016
Production reference: 1270516
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78217-212-3
www.packtpub.com
Credits
Authors
Zoran Pavlović
Maja Veselica
Project Coordinator
Shweta H. Birwatkar
Reviewers
Gokhan Atil
Dmitri Levin
Osama Mustafa
Arup Nanda
Kenneth Roth
Proofreader
Safis Editing
Commissioning Editor
Kevin Colaco
Indexer
Hemangini Bari
Acquisition Editor
Kevin Colaco
Graphics
Kirk D'Penha
Content Development Editors
Neeshma Ramakrishnan
Deepti Thore
Production Coordinator
Shantanu N. Zagade
Technical Editor
Gaurav Suri
Cover Work
Shantanu N. Zagade
Copy Editor
Dipti Mankame
About the Authors
Zoran Pavlović has worked on various complex database environments including RAC, ASM, Data Guard, GoldenGate, and so on. Areas of his expertise are security, performance/SQL tuning and high availabilty/disaster recovery of Oracle database. He has been working as an instructor for Oracle University since 2010 and during that time he has trained more than 200 students in Europe. In the last couple of years, Zoran has also been working on projects for Oracle Consulting. He is an Oracle ACE and he has been featured speaker/author at many conferences/magazines. He was actively engaged in beta testing Oracle Database 12c. Currently, Zoran is working as an Oracle Technical Architect in Parallel d.o.o. Belgrade.
I would like to take this opportunity to acknowledge some important people in my life who continuously inspire and support me. First, I want to say thank you to my parents Milenko and Stanojka Pavlovic, for everything they taught me, and for all the support they gave me during all these years. Second, I would like to say thank you to my family and my good friends, who helped me become a better person and a better professional. I am very thankful to our excellent team of technical reviewers: Arup Nanda, Gokhan Atil, Dmitri Levin, Osama Mustafa, and Kenneth Roth for their great suggestions and a very helpful feedback. I am also very thankful to Maja Veselica (it was a pleasure writing this book with you), all the editors, and everyone involved in this book.
Maja Veselica, MSc in software engineering, is currently working for Parallel d.o.o., Belgrade, as an Oracle Database consultant (security, performance tuning, and so on). She has been working as an instructor for Oracle University since 2010. In the last couple of years, she has also been working for Oracle Consulting. Also, Maja is a member of Oracle ACE Program and has more than 20 Oracle certificates. She enjoys (beta) testing Oracle products and participating in other Oracle-related activities.
This is the first book I've written, and because of that, it will always be special to me. I would like to thank my entire family and friends for their patience and support. I am especially grateful to my parents, Mirko and Sanja Veselica, who informally reviewed most parts of the book, and to my uncle Dušan, aunt Zora, and my best friend Mirjana Marković for very creative suggestions.
I am very thankful to the technical reviewers: Arup Nanda, Gokhan Atil, Dmitri Levin, Osama Mustafa, and Kenneth Roth for spending their spare time reviewing this book and for providing us with very valuable feedback (corrections, suggestions, ideas, and opinions). Also, this book couldn't have been written without the Packt Publishing team - thank you all!
Zoran, I always enjoy working with you. Hopefully someday, we'll write another book together.
About the Reviewers
Gokhan Atil is an Oracle ACE Director and DBA team lead at Bilyoner.com in Istanbul, Turkey. He has more than 15 years of experience in the IT industry, working with Oracle, PostgreSQL, Microsoft SQL Server, MySQL, and NoSQL databases. He has a strong background in software development and UNIX systems. Gokhan is an Oracle Certified Professional (OCP), and he specializes in high availability solutions, performance tuning, and monitoring tools.
Gokhan is a founding member and current vice president of Turkish Oracle User Group (TROUG). He's also a member of Independent Oracle User Group (IOUG). Gokhan has presented at various conferences, and he is a coauthor of Expert Oracle Enterprise Manager 12c book.
Gokhan shares his experience of working with Oracle products by blogging at www.gokhanatil.com since 2008 and on Twitter with the handle @gokhanatil.
Dmitri Levin has been working as a database administrator for more than 20 years.
His areas of interest include the database design, replication, and performance tuning. Dmitri has spoken at several national and international conferences.
He is currently working as senior database architect and administrator at alphabroder co.
Dmitri has an MS degree in Mathematics from St. Petersburg University, Russia, Oracle Database 11g OCA, and MS SQL Server 2012 certified DBA.
He can be reached at [email protected].
Osama Mustafa (Oracle ACE Director) has progressive experience in the Oracle products community. He recently served as an Oracle DBA team leader and is certified in Oracle products, such as Fusion middleware, and is a database professional, Oracle Certified Implementation Specialist, and certified Solaris System Administrator. He loves to share his learning with the Oracle community, so when he is not delivering an Oracle-related session, he spends a lot of his time participating in OTN (Oracle Technology Network) discussion forums.
Osama Mustafa is a popular speaker at many Oracle conferences around the world. He is also the President and Director of JAOUG (Jordan Amman Oracle User Group, which is the first group in Jordan). He worked as an Oracle database developer and Oracle database administrator, and now he is a Fusion middleware security specialist and certified in multiple oracle products.
In addition to this, Osama is a volunteer in Oracle User Group, an author for Oracle penetration testing books, and a reviewer for Oracle books such as Oracle Data Guard 11gR2 Administration Beginner's Guide and Oracle 11g Anti-hacker's Cookbook. He also organizes RAC Attack around the world, publishes online articles on his blog https://osamamustafa.blogspot.com, and his articles are published in Oracle Magazine and OTech magazine. Osama Mustafa is active on Twitter as @osamaoracle and his blog.
First and foremost, I would like to thank my parents and my family for allowing me to follow my ambitions throughout my childhood and for standing beside me throughout my career. Special thanks to the girl who changed my life for the better and taught me a lot of things in life.
They have all been the inspiration and motivation for continuing to improve my knowledge and move my career forward and having the patience with me for having taken yet another challenge, which decreases the amount of time I can spend with them, and I hope that one day they can understand why I spent so much time in front of my computer.
Thanks to my friends and Oracle community friends around the world who support me and guide me to be the person I am today.
Arup Nanda has been an Oracle DBA for more than 20 years with experience spanning all aspects from modeling to performance tuning and Exadata. He gives speeches frequently; he has authored about 500 articles and coauthored 5 books. He also blogs at arup.blogspot.com and mentors new and seasoned DBAs. He won the Oracle's DBA of the Year in 2003 and Enterprise Architect of the Year awards in 2012. He is also an Oracle ACE director and a member of Oak Table Network.
He is the author of Oracle Privacy Security Auditing, Rampant TechPress (2005), Oracle PL/SQL for DBAs, O'Reilly (2005), Oracle 10g New Features, Oracle Press (2007), Oracle RMAN Recipes, Apress (2007 and 2013), Expert Oracle Practices, Apress (2013), and Expert PL/SQL Practices, Apress (2014). He has reviewed many books but prefers not to mention all of them here due to lack of space.
To my beautiful wife Anu and son Anish for putting up with me during the review of this book.
Kenneth Roth is an Oracle Certified Professional with over 25 years of IT experience primarily focused on Oracle database products. Ken has worked in a variety of IT-related roles and industries, including financial services, transportation, pharmaceutical, manufacturing, and the public sector. Based in Chicago, he currently enjoys the freedom, variety, and challenges associated with being an independent technology consultant.
www.PacktPub.com
eBooks, discount offers, and more
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www2.packtpub.com/books/subscription/packtlib
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.
Why subscribe?
Instant updates on new Packt books
Get notified! Find out when new books are published by following @PacktEnterprise on Twitter or the Packt Enterprise Facebook page.
Preface
This book covers most of the Oracle Database 12c Security features and solutions that exist in Oracle Database 12c. Oracle Database 12c Security Cookbook will help you better understand database security challenges. It will guide you through the process of implementing appropriate security mechanisms, helping you to ensure that you are taking proactive steps to keep your data safe. Because the book features solutions for common security problems in the new Oracle Database 12c, it will make you confident about securing your database from a range of different threats and problems.
What this book covers
Chapter 1, Basic Database Security, introduces you to the different authentication methods supported by Oracle Database 12c and also provides a brief overview about creating and using database roles.
Chapter 2, Security Considerations in Multitenant Environment, focuses on some of the security considerations concerning common and local: users, roles, and privileges.
Chapter 3, PL/SQL Security, helps you understand the differences and usages of definer and invoker rights procedures as well as usages of code-based access control. It gives required information about authorization.
Chapter 4, Virtual Private Database, introduces you to the Oracle Virtual Private Database, which is a security feature introduced in Oracle Database 8i, which enables you to have a more granular control over security of your data.
Chapter 5, Data Redaction, introduces you to the new security feature Oracle Data Redaction, which helps you mask (hide/redact) some (sensitive) data from end users in a production environment.
Chapter 6, Transparent Sensitive Data Protection, teaches you ways to create classes of sensitive data and helps you gain more centralized control over how sensitive data is protected.
Chapter 7, Privilege Analysis, it shows how to create and enable privilege analysis policies. It also covers how to generate reports and revoke both used and unused Object/System privileges.
Chapter 8, Transparent Data Encryption, explains key concepts and tasks such as: two-key architecture, key management, message authentication code (MAC), salt, encrypting columns in a table, encrypting a tablespace, creating an encrypted RMAN backup, and so on.
Chapter 9, Database Vault, covers basic concepts of Oracle Database Vault. It teaches you how to create and appropriately use realms, rules, rule sets, command rules, factors, and secure application roles.
Chapter 10, Unified Auditing, introduces a new auditing architecture.
Chapter 11, Additional Topics, covers more advanced topics and teaches you how to perform everyday administration tasks in Database Vault environment.
Chapter 12, Appendix - Application Contexts, will cover how to retrieve values from built-in contexts and to create, set, and use an application context.
What you need for this book
Software required (with version)- Oracle Database 12c, Enterprise Manager Cloud Control 12c R4, Oracle Enterprise Manager Database Express 12c
Hardware specifications- OS required- Linux (Preferred Oracle Linux 6.5)
Who this book is for
This book is for DBAs, developers, and architects who are keen to know more about security in Oracle Database 12c. This book is best suited for beginners and intermediate-level database security practitioners. Basic knowledge of Oracle Database is expected, but no prior experience of securing a database is required.
Sections
In this book, you will find several headings that appear frequently (Getting ready, How to do it, How it works, There's more, and See also).
To give clear instructions on how to complete a recipe, we use these sections as follows:
Getting ready
This section tells you what to expect in the recipe and describes how to set up any software or any preliminary settings required for the recipe.
How to do it…
This section contains the steps required to follow the recipe.
How it works…
This section usually consists of a detailed explanation of what happened in the previous section.
There's more…
This section consists of additional information about the recipe in order to make the reader more knowledgeable about the recipe.
See also
This section provides helpful links to other useful information for the recipe.
Conventions
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "Create a local user (for example, mike)."
Any command-line input or output is written as follows:
c##zoran@CDB1> create user c##maja identified by oracle1 container=all;New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "Click on the Create button."
Note
Warnings or important notes appear in a box like this.
Tip
Tips and tricks appear like this.
For this book we have outlined the shortcuts for the Mac OX platform if you are using the Windows version you can find the relevant shortcuts on the WebStorm help page https://www.jetbrains.com/webstorm/help/keyboard-shortcuts-by-category.html.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Downloading the example code
You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
You can download the code files by following these steps:
You can also download the code files by clicking on the Code Files button on the book's webpage at the Packt Publishing website. This page can be accessed by entering the book's name in the Search box. Please note that you need to be logged in to your Packt account.
Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Oracle-Database-12c-Security-Cookbook. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata , selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at [email protected] with a link to the suspected pirated material.
