Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Changes in This Release for Oracle Database Security Guide
Changes in Oracle Database Security 12c Release 1 (12.1.0.2)
Changes in Oracle Database Security 12c Release 1 (12.1.0.1)
1 Introduction to Oracle Database Security
About Oracle Database Security
Additional Oracle Database Security Resources
Part I Managing User Authentication and Authorization
2 Managing Security for Oracle Database Users
About User Security
Creating User Accounts
About Common Users and Local Users
About Common Users
How Plugging in PDBs Affects Common Users
About Local Users
Who Can Create User Accounts?
Creating a New User Account and Granting the User the Minimum Database Privileges
Restrictions on Creating the User Name for a New Account
About Specifying a User Name
Case Sensitivity for User Names
Assignment of User Passwords
Default Tablespace for the User
About Assigning a Default Tablespace for a User
DEFAULT TABLESPACE Clause for Assigning a Default Tablespace
Tablespace Quotas for a User
About Assigning a Tablespace Quota for a User
CREATE USER Statement for Assigning a Tablespace Quota
Restriction of the Quota Limits for User Objects in a Tablespace
Grants to Users for the UNLIMITED TABLESPACE System Privilege
Temporary Tablespaces for the User
About Assigning a Temporary Tablespace for a User
TEMPORARY TABLESPACE Clause for Assigning a Temporary Tablespace
Profiles for the User
Creation of a Common User or a Local User
About Creating Common User Accounts
CREATE USER Statement for Creating a Common User Account
About Creating Local User Accounts
CREATE USER Statement for Creating a Local User Account
Creating a Default Role for the User
Altering User Accounts
About Altering User Accounts
ALTER USER Statement for Altering Common or Local User Accounts
Changing Non-SYS User Passwords
About Changing Non-SYS User Passwords
Using the PASSWORD Command or ALTER USER Statement to Change a Password
Changing the SYS User Password
About Changing the SYS User Password
ORAPWD Utility for Changing the SYS User Password
Configuring User Resource Limits
About User Resource Limits
Types of System Resources and Limits
Limits to the User Session Level
Limits to Database Call Levels
Limits to CPU Time
Limits to Logical Reads
Limits to Other Resources
Determining Values for Resource Limits of Profiles
Managing Resources with Profiles
About Profiles
Creating a Profile
Assigning a Profile to a User
Dropping Profiles
Dropping User Accounts
About Dropping User Accounts
Terminating a User Session
About Dropping a User After the User Is No Longer Connected to the Database
Dropping a User Whose Schema Contains Objects
Database User and Profile Data Dictionary Views
Data Dictionary Views That List Information About Users and Profiles
Query to Find All Users and Associated Information
Query to List All Tablespace Quotas
Query to List All Profiles and Assigned Limits
Query to View Memory Use for Each User Session
3 Configuring Authentication
About Authentication
Configuring Password Protection
What Are the Oracle Database Built-in Password Protections?
Minimum Requirements for Passwords
Creating a Password by Using the IDENTIFIED Clause
Using a Password Management Policy
About Managing Passwords
Finding User Accounts That Have Default Passwords
Password Settings in the Default Profile
Using the ALTER PROFILE Statement to Set Profile Limits
Disabling and Enabling the Default Password Security Settings
Automatic Locking of User Accounts After Failed Logins
Control of the User Ability to Reuse Previous Passwords
About Controlling Password Aging and Expiration
Using the CREATE PROFILE or ALTER PROFILE Statement to Set a Password Lifetime
Checking the Status of a User Account
Password Change Life Cycle
PASSWORD_LIFE_TIME Profile Parameter Low Value
Managing the Complexity of Passwords
About Password Complexity Verification
How Oracle Database Checks the Complexity of Passwords
Who Can Use the Password Complexity Functions?
verify_function_11G Function Password Requirements
ora12c_verify_function Function Password Requirements
ora12c_strong_verify_function Function Password Requirements
About Customizing Password Complexity Verification
Enabling Password Complexity Verification
Enabling Password Case Sensitivity
About Enabling Password Case Sensitivity
Using the ALTER SYSTEM Statement to Enable Password Case Sensitivity
Management of Case Sensitivity for Secure Role Passwords
Management of Password Versions of Users
Finding and Resetting User Passwords That Use the 10G Password Verifier
How Case Sensitivity Affects Password Files
How Case Sensitivity Affects Passwords Used in Database Link Connections
Ensuring Against Password Security Threats by Using the 12C Verifier
About the 12C Verifier
Configuring Oracle Database to Use the 12C Verifier
Configuring Oracle Database to Use the 12C Verifier Exclusively
Configuring Oracle Database Client to Use the 12C Verifier Exclusively
Managing the Secure External Password Store for Password Credentials
About the Secure External Password Store
How Does the External Password Store Work?
About Configuring Clients to Use the External Password Store
Configuring a Client to Use the External Password Store
Managing External Password Store Credentials
Authentication of Database Administrators
About Authentication of Database Administrators
Strong Authentication and Centralized Management for Database Administrators
About Strong Authentication for Database Administrators
Configuring Directory Authentication for Administrative Users
Configuring Kerberos Authentication for Administrative Users
Configuring Secure Sockets Layer Authentication for Administrative Users
Authentication of Database Administrators by Using the Operating System
Authentication of Database Administrators by Using Their Passwords
Risks of Using Password Files for Database Administrator Authentication
Database Authentication of Users
About Database Authentication
Advantages of Database Authentication
Creation of Users Who Are Authenticated by the Database
Operating System Authentication of Users
Network Authentication of Users
Authentication Using Secure Sockets Layer
Authentication Using Third-Party Services
About Authentication Using Third-Party Services
Authentication Using Kerberos
Authentication Using RADIUS
Authentication Using Directory-Based Services
Authentication Using Public Key Infrastructure
Global User Authentication and Authorization
About Configuring Global User Authentication and Authorization
Configuration of Users Who Are Authorized by a Directory Service
Creating a Global User Who Has a Private Schema
Creating Multiple Enterprise Users Who Share Schemas
Advantages of Global Authentication and Global Authorization
Configuring an External Service to Authenticate Users and Passwords
About External Authentication
Advantages of External Authentication
Creating a User Who Is Authenticated Externally
Authentication of User Logins By Using the Operating System
Authentication of User Logins Using Network Authentication
Using Multitier Authentication and Authorization
Administration and Security in Clients, Application Servers, and Database Servers
Preserving User Identity in Multitiered Environments
Middle Tier Server Use for Proxy Authentication
About Proxy Authentication
Advantages of Proxy Authentication
Who Can Create Proxy User Accounts?
Guidelines for Creating Proxy User Accounts
Proxy User Accounts and the Authorization of Users to Connect Through Them
Creating Proxy User Accounts and Authorizing Users to Connect Through Them
Using Proxy Authentication with the Secure External Password Store
How the Identity of the Real User Is Passed with Proxy Authentication
Limits to the Privileges of the Middle Tier
Authorization of a Middle Tier to Proxy and Authenticate a User
Authorizing a Middle Tier to Proxy a User Authenticated by Other Means
Reauthentication of a User Through the Middle Tier to the Database
Using Client Identifiers to Identify Application Users Not Known to the Database
About Client Identifiers
How Client Identifiers Work in Middle Tier Systems
Use of the CLIENT_IDENTIFIER Attribute to Preserve User Identity
Use of the CLIENT_IDENTIFIER Independent of Global Application Context
Setting the CLIENT_IDENTIFIER Independent of Global Application Context
Use of the DBMS_SESSION PL/SQL Package to Set and Clear the Client Identifier
Enabling the CLIENTID_OVERWRITE Event System-Wide
Enabling the CLIENTID_OVERWRITE Event for the Current Session
Disabling the CLIENTID_OVERWRITE Event
User Authentication Data Dictionary Views
4 Configuring Privilege and Role Authorization
About Privileges and Roles
Who Should Be Granted Privileges?
How the Oracle Multitenant Option Affects Privileges
Managing Administrative Privileges
About Administrative Privileges
Grants of Administrative Privileges to Users
SYSDBA and SYSOPER Administrative Privileges for Standard Database Operations
SYSBACKUP Administrative Privilege for Backup and Recovery Operations
SYSDG Administrative Privilege for Oracle Data Guard Operations
SYSKM Administrative Privilege for Transparent Data Encryption
Managing System Privileges
About System Privileges
Why Is It Important to Restrict System Privileges?
About the Importance of Restricting System Privileges
Restriction of System Privileges by Securing the Data Dictionary
User Access to Objects in the SYS Schema
Grants and Revokes of System Privileges
Who Can Grant or Revoke System Privileges?
About ANY Privileges and the PUBLIC Role
Managing Commonly and Locally Granted Privileges
About Commonly and Locally Granted Privileges
How Commonly Granted System Privileges Work
How Commonly Granted Object Privileges Work
Granting or Revoking Privileges to Access a PDB
Enabling Common Users to View Information About Container Objects
Viewing Data Pertaining to Root, CDB, and PDBs While Connected to Root
Enabling Common Users to Query Data in Specific PDBs
Managing Common Roles and Local Roles
About Common Roles and Local Roles
How Common Roles Work
How the PUBLIC Role Works in a Multitenant Environment
Privileges Required to Create, Modify, or Drop a Common Role
Rules for Creating Common Roles
Creating a Common Role
Rules for Creating Local Roles
Creating a Local Role
Grants to or Revokes from Common Roles and Local Roles
Managing User Roles
About User Roles
What Are User Roles?
The Functionality of Roles
Properties of Roles and Why They Are Advantageous
Typical Uses of Roles
How Roles Affect the Scope of a User's Privileges
How Roles Work in PL/SQL Blocks
How Roles Aid or Restrict DDL Usage
How Operating Systems Can Aid Roles
How Roles Work in a Distributed Environment
Predefined Roles in an Oracle Database Installation
Creating a Role
About the Creation of Roles
Creating a Role That Is Authenticated With a Password
Creating a Role That Has No Password Authentication
Creating a Role That Is External or Global
Altering a Role
Specifying the Type of Role Authorization
Authorization of a Role by Using the Database
Authorizing a Role by Using an Application
Authorizing a Role by Using an External Source
Authorizing a Role by Using the Operating System
Authorizing a Role by Using a Network Client
Authorizing a Global Role by an Enterprise Directory Service
Granting and Revoking Roles
About Granting and Revoking Roles
Who Can Grant or Revoke Roles?
Granting and Revoking Roles to and from Program Units
Dropping Roles
Restricting SQL*Plus Users from Using Database Roles
Potential Security Problems of Using Ad Hoc Tools
How the PRODUCT_USER_PROFILE System Table Can Limit Roles
How Stored Procedures Can Encapsulate Business Logic
Securing Role Privileges by Using Secure Application Roles
Managing Object Privileges
About Object Privileges
Who Can Grant Object Privileges?
Grants and Revokes of Object Privileges
About Granting and Revoking Object Privileges
How the ALL Clause Grants or Revokes All Available Object Privileges
READ and SELECT Object Privileges
About Managing READ and SELECT Object Privileges
The READ Object Privilege for Any Table in the Database
Restrictions on the READ and READ ANY TABLE Privileges
Using Object Privileges with Synonyms
Table Privileges
How Table Privileges Affect Data Manipulation Language Operations
How Table Privileges Affect Data Definition Language Operations
View Privileges
Privileges Required to Create Views
Increasing Table Security with Views
Procedure Privileges
Use of the EXECUTE Privilege for Procedure Privileges
Procedure Execution and Security Domains
System Privileges Required to Create or Replace a Procedure
System Privileges Required to Compile a Procedure
How Procedure Privileges Affect Packages and Package Objects
About the Effect of Procedure Privileges on Packages and Package Objects
Procedure Privileges and Packages and Package Objects: Example 1
Procedure Privileges and Packages and Package Objects: Example 2
Type Privileges
System Privileges for Named Types
Object Privileges for Named Types
Method Execution Model for Named Types
Privileges Required to Create Types and Tables Using Types
Example of Privileges for Creating Types and Tables Using Types
Privileges on Type Access and Object Access
Type Dependencies
Grants of User Privileges and Roles
Granting System Privileges and Roles to Users and Roles
Use of the ADMIN Option to Enable Grantee Users to Grant the Privilege
Creation of a New User with the GRANT Statement
Granting Object Privileges to Users and Roles
About Granting Object Privileges to Users and Roles
How the WITH GRANT OPTION Clause Works
Grants of Object Privileges on Behalf of the Object Owner
Grants of Privileges on Columns
Row-Level Access Control
Revokes of Privileges and Roles from a User
Revokes of System Privileges and Roles
Revokes of Object Privileges
About Revokes of Object Privileges
Revokes of Multiple Object Privileges
Revokes of Object Privileges on Behalf of the Object Owner
Revokes of Column-Selective Object Privileges
Revokes of the REFERENCES Object Privilege
Cascading Effects of Revoking Privileges
Cascading Effects When Revoking System Privileges
Cascading Effects When Revoking Object Privileges
Grants and Revokes of Privileges to and from the PUBLIC Role
Grants of Roles Using the Operating System or Network
About Granting Roles Using the Operating System or Network
Operating System Role Identification
Operating System Role Management
Role Grants and Revokes When OS_ROLES Is Set to TRUE
Role Enablements and Disablements When OS_ROLES Is Set to TRUE
Network Connections with Operating System Role Management
When Do Grants and Revokes Take Effect?
How the SET ROLE Statement Affects Grants and Revokes
Specifying Default Roles
The Maximum Number of Roles That a User Can Have Enabled
User Privilege and Role Data Dictionary Views
Data Dictionary Views to Find Information about Privilege and Role Grants
Query to List All System Privilege Grants
Query to List All Role Grants
Query to List Object Privileges Granted to a User
Query to List the Current Privilege Domain of Your Session
Query to List Roles of the Database
Query to List Information About the Privilege Domains of Roles
5 Managing Security for Definer's Rights and Invoker's Rights
About Definer's Rights and Invoker's Rights
How Procedure Privileges Affect Definer's Rights
How Procedure Privileges Affect Invoker's Rights
When You Should Create Invoker's Rights Procedures
Controlling Invoker's Rights Privileges for Procedure Calls and View Access
How the Privileges of a Schema Affect the Use of Invoker's Rights Procedures
How the INHERIT [ANY] PRIVILEGES Privileges Control Privilege Access
Grants of the INHERIT PRIVILEGES Privilege to Other Users
Grants of the INHERIT ANY PRIVILEGES Privilege to Other Users
Managing the INHERIT PRIVILEGES and INHERIT ANY PRIVILEGES Privileges
Definer's Rights and Invoker's Rights in Views
About Controlling Definer's Rights and Invoker's Rights in Views
Use of the BEQUEATH Clause in the CREATE VIEW Statement
Finding the User Name or User ID of the Invoking User
Finding BEQUEATH DEFINER and BEQUEATH_CURRENT_USER Views
Using Code Based Access Control for Definer's Rights and Invoker's Rights
About Using Code Based Access Control for Applications
Who Can Grant Code Based Access Control Roles to a Program Unit?
How Code Based Access Control Works with Invoker's Rights Program Units
How Code Based Access Control Works with Definer's Rights Program Units
Grants of Database Roles to Users for Their CBAC Grants
Grants and Revokes of Database Roles to a Program Unit
Tutorial: Controlling Access to Sensitive Data Using Code Based Access Control
About This Tutorial
Step 1: Create the User and Grant HR the CREATE ROLE Privilege
Step 2: Create the print_employees Invoker's Rights Procedure
Step 3: Create the hr_clerk Role and Grant Privileges for It
Step 4: Test the Code Based Access Control HR.print_employees Procedure
Step 5: Create the view_emp_role Role and Grant Privileges for It
Step 6: Test the HR.print_employees Procedure Again
Step 7: Remove the Components of This Tutorial
6 Managing Fine-Grained Access in PL/SQL Packages and Types
About Managing Fine-Grained Access in PL/SQL Packages and Types
About Fine-Grained Access Control to External Network Services
About Access Control to Oracle Wallets
Upgraded Applications That Depend on Packages That Use External Network Services
Configuring Access Control for External Network Services
Syntax for Configuring Access Control for External Network Services
Example: Configuring Access Control for External Network Services
Revoking Access Control Privileges for External Network Services
Configuring Access Control to an Oracle Wallet
About Configuring Access Control to an Oracle Wallet
Step 1: Create an Oracle Wallet
Step 2: Configure Access Control Privileges for the Oracle Wallet
Step 3: Make the HTTP Request with the Passwords and Client Certificates
Making the HTTPS Request with the Passwords and Client Certificates
Using a Request Context to Hold the Wallet When Sharing the Session with Other Applications
Use of Only a Client Certificate to Authenticate
Use of a Password to Authenticate
Revoking Access Control Privileges for Oracle Wallets
Examples of Configuring Access Control for External Network Services
Example: Access Control Configuration for a Single Role and Network Connection
Example: Access Control Using a Deny and a Grant for a User and a Role
Example: Access Control Configuration for Passwords in a Non-Shared Wallet
Example: Access Control Configuration for Wallets in a Shared Database Session
Specifying a Group of Network Host Computers
Precedence Order for a Host Computer in Multiple Access Control List Assignments
Precedence Order for a Host in Access Control List Assignments with Port Ranges
Checking Privilege Assignments That Affect User Access to Network Hosts
About Checking Privilege Assignments that Affect User Access to Network Hosts
How Administrators Can Check User Network Connection and Domain Privileges
How Users Can Check Their Network Connection and Domain Privileges
Configuring Network Access for Java Debug Wire Protocol Operations
Data Dictionary Views for Access Control Lists Configured for User Access
7 Managing Security for a Multitenant Environment in Enterprise Manager
About Managing Security for a Multitenant Environment in Enterprise Manager
Logging into a Multitenant Environment in Enterprise Manager
Logging into a CDB or a PDB
Switching to a Different PDB or to the Root
Managing Common and Local Users in Enterprise Manager
Creating a Common User Account in Enterprise Manager
Editing a Common User Account in Enterprise Manager
Dropping a Common User Account in Enterprise Manager
Creating a Local User Account in Enterprise Manager
Editing a Local User Account in Enterprise Manager
Dropping a Local User Account in Enterprise Manager
Managing Common and Local Roles and Privileges in Enterprise Manager
Creating a Common Role in Enterprise Manager
Editing a Common Role in Enterprise Manager
Dropping a Common Role in Enterprise Manager
Revoking Common Privilege Grants in Enterprise Manager
Creating a Local Role in Enterprise Manager
Editing a Local Role in Enterprise Manager
Dropping a Local Role in Enterprise Manager
Revoking Local Privilege Grants in Enterprise Manager
Part II Application Development Security
8 Managing Security for Application Developers
About Application Security Policies
Considerations for Using Application-Based Security
Are Application Users Also Database Users?
Is Security Better Enforced in the Application or in the Database?
Securing Passwords in Application Design
General Guidelines for Securing Passwords in Applications
Platform-Specific Security Threats
Guidelines for Designing Applications to Handle Password Input
Guidelines for Configuring Password Formats and Behavior
Guidelines for Handling Passwords in SQL*Plus and SQL Scripts
Use of an External Password Store to Secure Passwords
Securing Passwords Using the ORAPWD Utility
Example of Reading Passwords in Java
Securing External Procedures
About Securing External Procedures
Configuring Authentication for External Procedures
External Procedures for Legacy Applications
Managing Application Privileges
Creating Secure Application Roles to Control Access to Applications
Step 1: Create the Secure Application Role
Step 2: Create a PL/SQL Package to Define the Access Policy for the Application
About Creating a PL/SQL Package to Define the Access Policy for an Application
Creating a PL/SQL Package to Define the Access Policy for an Application
Testing the Secure Application Role
Association of Privileges with User Database Roles
Why Users Should Only Have the Privileges of the Current Database Role
Use of the SET ROLE Statement to Automatically Enable or Disable Roles
Protecting Database Objects by Using Schemas
Protecting Database Objects in a Unique Schema
Protection of Database Objects in a Shared Schema
Object Privileges in an Application
What Application Developers Must Know About Object Privileges
SQL Statements Permitted by Object Privileges
Parameters for Enhanced Security of Database Communication
Bad Packets Received on the Database from Protocol Errors
Controlling Server Execution After Receiving a Bad Packet
Configuration of the Maximum Number of Authentication Attempts
Configuring the Display of the Database Version Banner
Configuring Banners for Unauthorized Access and Auditing User Actions
Part III Controlling Access to Data
9 Using Application Contexts to Retrieve User Information
About Application Contexts
What Is an Application Context?
Components of the Application Context
Where Are the Application Context Values Stored?
Benefits of Using Application Contexts
How Editions Affect Application Context Values
Types of Application Contexts
Using Database Session-Based Application Contexts
About Database Session-Based Application Contexts
Creating Database Session-Based Application Contexts
About Creating Database Session-Based Application Contexts
Creating a Database Session-Based Application Context
Managing Database Session-Based Application Contexts for Multiple Applications
Creating a PL/SQL Package to Set the Database Session-Based Application Context
About the Package That Manages the Database Session-Based Application Context
Using the SYS_CONTEXT Function to Retrieve Session Information
Checking the SYS_CONTEXT Settings
Use of Dynamic SQL with SYS_CONTEXT
Use of SYS_CONTEXT in a Parallel Query
Use of SYS_CONTEXT with Database Links
Use of DBMS_SESSION.SET_CONTEXT to Set Session Information
Logon Triggers to Run a Database Session Application Context Package
Tutorial: Creating and Using a Database Session-Based Application Context
Step 1: Create User Accounts and Ensure the User SCOTT Is Active
Step 2: Create the Database Session-Based Application Context
Step 3: Create a Package to Retrieve Session Data and Set the Application Context
Step 4: Create a Logon Trigger for the Package
Step 5: Test the Application Context
Step 6: Remove the Components of This Tutorial
Initializing Database Session-Based Application Contexts Externally
About Initializing Database Session-Based Application Contexts Externally
Default Values from Users
Values from Other External Resources
Initialization of Application Context Values from a Middle-Tier Server
Initializing Database Session-Based Application Contexts Globally
About Initializing Database Session-Based Application Contexts Globally
Using Database Session-Based Application Contexts with LDAP
How Globally Initialized Database Session-Based Application Contexts Work
Initializing a Database Session-Based Application Context Globally
Using Externalized Database Session-Based Application Contexts
Global Application Contexts
About Global Application Contexts
Use of Global Application Contexts in an Oracle Real Application Clusters Environment
Creating Global Application Contexts
Ownership of the Global Application Context
Creating a Global Application Context
PL/SQL Package to Manage a Global Application Context
About the Package That Manages the Global Application Context
How Editions Affect the Results of a Global Application Context PL/SQL Package
DBMS_SESSION.SET_CONTEXT username and client_id Parameters
Sharing Global Application Context Values for All Database Users
Global Contexts for Database Users Who Move Between Applications
Global Application Context for Nondatabase Users
Clearing Session Data When the Session Closes
Embedding Calls in Middle-Tier Applications to Manage the Client Session ID
About Managing Client Session IDs Using a Middle-Tier Application
Step 1: Retrieve the Client Session ID Using a Middle-Tier Application
Step 2: Set the Client Session ID Using a Middle-Tier Application
Step 3: Clear the Session Data Using a Middle-Tier Application
Tutorial: Creating a Global Application Context That Uses a Client Session ID
About This Tutorial
Step 1: Create User Accounts
Step 2: Create the Global Application Context
Step 3: Create a Package for the Global Application Context
Step 4: Test the Newly Created Global Application Context
Step 5: Modify the Session ID and Test the Global Application Context Again
Step 6: Remove the Components of This Tutorial
Global Application Context Processes
Simple Global Application Context Process
Global Application Context Process for Lightweight Users
Using Client Session-Based Application Contexts
About Client Session-Based Application Contexts
Setting a Value in the CLIENTCONTEXT Namespace
Retrieving the CLIENTCONTEXT Namespace
Clearing a Setting in the CLIENTCONTEXT Namespace
Clearing All Settings in the CLIENTCONTEXT Namespace
Application Context Data Dictionary Views
10 Using Oracle Virtual Private Database to Control Data Access
About Oracle Virtual Private Database
What Is Oracle Virtual Private Database?
Benefits of Using Oracle Virtual Private Database Policies
Basing Security Policies on Database Objects Rather Than Applications
Controlling How Oracle Database Evaluates Policy Functions
Who Can Create Oracle Virtual Private Database Policies?
Which Privileges Are Used to Run Oracle Virtual Private Database Policy Functions?
Oracle Virtual Private Database Use with an Application Context
Oracle Virtual Private Database in a Multitenant Environment
Components of an Oracle Virtual Private Database Policy
Function to Generate the Dynamic WHERE Clause
Policies to Attach the Function to the Objects You Want to Protect
Configuration of Oracle Virtual Private Database Policies
About Oracle Virtual Private Database Policies
Attaching a Policy to a Database Table, View, or Synonym
Enforcing Policies on Specific SQL Statement Types
Control of the Display of Column Data with Policies
Policies for Column-Level Oracle Virtual Private Database
Display of Only the Column Rows Relevant to the Query
Uses of Column Masking to Display Sensitive Columns as NULL Values
Oracle Virtual Private Database Policy Groups
About Oracle Virtual Private Database Policy Groups
Creation of a New Oracle Virtual Private Database Policy Group
Default Policy Group with the SYS_DEFAULT Policy Group
Multiple Policies for Each Table, View, or Synonym
Validation of the Application Used to Connect to the Database
Optimizing Performance by Using Oracle Virtual Private Database Policy Types
About Oracle Virtual Private Database Policy Types
Use of the Dynamic Policy Type to Automatically Rerun Policy Functions
Use of a Static Policy to Prevent Policy Functions from Rerunning for Each Query
Use of a Shared Static Policy to Share a Policy with Multiple Objects
When to Use Static and Shared Static Policies
Use of a Context-Sensitive Policy for Application Context Attributes That Change
Using a Shared Context Sensitive Policy to Share a Policy with Multiple Objects
When to Use Context-Sensitive and Shared Context-Sensitive Policies
Summary of the Five Oracle Virtual Private Database Policy Types
Tutorials: Creating Oracle Virtual Private Database Policies
Tutorial: Creating a Simple Oracle Virtual Private Database Policy
About This Tutorial
Step 1: Ensure That the OE User Account Is Active
Step 2: Create a Policy Function
Step 3: Create the Oracle Virtual Private Database Policy
Step 4: Test the Policy
Step 5: Remove the Components of This Tutorial
Tutorial: Implementing a Policy with a Database Session-Based Application Context
About This Tutorial
Step 1: Create User Accounts and Sample Tables
Step 2: Create a Database Session-Based Application Context
Step 3: Create a PL/SQL Package to Set the Application Context
Step 4: Create a Logon Trigger to Run the Application Context PL/SQL Package
Step 5: Test the Logon Trigger
Step 6: Create a PL/SQL Policy Function to Limit User Access to Their Orders
Step 7: Create the New Security Policy
Step 8: Test the New Policy
Step 9: Remove the Components of This Tutorial
Tutorial: Implementing an Oracle Virtual Private Database Policy Group
About This Tutorial
Step 1: Create User Accounts and Other Components for This Tutorial
Step 2: Create the Two Policy Groups
Step 3: Create PL/SQL Functions to Control the Policy Groups
Step 4: Create the Driving Application Context
Step 5: Add the PL/SQL Functions to the Policy Groups
Step 6: Test the Policy Groups
Step 7: Remove the Components of This Tutorial
How Oracle Virtual Private Database Works with Other Oracle Features
Use of Oracle Virtual Private Database Policies with Editions
Using SELECT FOR UPDATE in User Queries on VPD-Protected Tables
How Oracle Virtual Private Database Policies Affect Outer or ANSI Join Operations
How Oracle Virtual Private Database Security Policies Work with Applications
Use of Automatic Reparsing for Fine-Grained Access Control Policy Functions
Use of Oracle Virtual Private Database Policies and Flashback Query
Oracle Virtual Private Database and Oracle Label Security
Using Oracle Virtual Private Database to Enforce Oracle Label Security Policies
Oracle Virtual Private Database and Oracle Label Security Exceptions
Export of Data Using the EXPDP Utility access_method Parameter
User Models and Oracle Virtual Private Database
Oracle Virtual Private Database Data Dictionary Views
11 Using Transparent Sensitive Data Protection
About Transparent Sensitive Data Protection
General Steps for Using Transparent Sensitive Data Protection
Use Cases for Transparent Sensitive Data Protection Policies
Privileges Required for Using Transparent Sensitive Data Protection
How a Multitenant Environment Affects Transparent Sensitive Data Protection
Creating Transparent Sensitive Data Protection Policies
Step 1: Create a Sensitive Type
Step 2: Identify the Sensitive Columns to Protect
Step 3: Import the Sensitive Columns List from ADM into Your Database
Step 4: Create the Transparent Sensitive Data Protection Policy
About Creating the Transparent Sensitive Data Protection Policy
Creating the Transparent Sensitive Data Protection Policy
Setting the Oracle Data Redaction or Virtual Private Database Feature Options
Setting Conditions for the Transparent Sensitive Data Protection Policy
Specifying the DBMS_TSDP_PROTECT.ADD_POLICY Procedure
Step 5: Associate the Policy with a Sensitive Type
Step 6: Enable the Transparent Sensitive Data Protection Policy
Enabling Protection for the Current Database in a Protected Source
Enabling Protection for a Specific Table Column
Enabling Protection for a Specific Column Type
Step 7: Optionally, Export the Policy to Other Databases
Altering Transparent Sensitive Data Protection Policies
Disabling Transparent Sensitive Data Protection Policies
Dropping Transparent Sensitive Data Protection Policies
Using the Predefined REDACT_AUDIT Policy to Mask Bind Values
About the REDACT_AUDIT Policy
How Bind Variables Are Considered to be Associated with Sensitive Columns
Bind Variables and Sensitive Columns in the Expressions of Conditions
A Bind Variable and a Sensitive Column Appearing in the Same SELECT Item
Bind Variables in Expressions Assigned to Sensitive Columns in INSERT or UPDATE Operations
How Bind Variables on Sensitive Columns Behave with Views
Disabling and Enabling the REDACT_AUDIT Policy
Using Transparent Sensitive Data Protection Policies with Data Redaction
Using Transparent Sensitive Data Protection Policies with Oracle VPD Policies
About Using TSDP Policies with Oracle Virtual Private Database Policies
DBMS_RLS.ADD_POLICY Parameters That Are Used for TSDP Policies
Tutorial: Creating a TSDP Policy That Uses Virtual Private Database Protection
Step 1: Create the hr_appuser User Account
Step 2: Identify the Sensitive Columns
Step 3: Create an Oracle Virtual Private Database Function
Step 4: Create and Enable a Transparent Sensitive Data Protection Policy
Step 5: Test the Transparent Sensitive Data Protection Policy
Step 6: Remove the Components of This Tutorial
Transparent Sensitive Data Protection Data Dictionary Views
12
Manually Encrypting Data
Security Problems That Encryption Does Not Solve
Principle 1: Encryption Does Not Solve Access Control Problems
Principle 2: Encryption Does Not Protect Against a Malicious Database Administrator
Principle 3: Encrypting Everything Does Not Make Data Secure
Data Encryption Challenges
Encrypted Indexed Data
Generated Encryption Keys
Transmitted Encryption Keys
Storing Encryption Keys
About Storing Encryption Keys
Storage of Encryption Keys in the Database
Storage of Encryption Keys in the Operating System
Users Managing Their Own Encryption Keys
Using Transparent Database Encryption and Tablespace Encryption
Importance of Changing Encryption Keys
Encryption of Binary Large Objects
Data Encryption Storage with the DBMS_CRYPTO Package
Examples of Using the Data Encryption API
Example: Data Encryption Procedure
Example: AES 256-Bit Data Encryption and Decryption Procedures
Example: Encryption and Decryption Procedures for BLOB Data
Data Dictionary Views for Encrypted Data
Part IV Securing Data on the Network
13
Configuring Network Data Encryption and Integrity
About Oracle Data Network Encryption and Integrity
About Oracle Data Network Encryption and Integrity
Advanced Encryption Standard
DES Algorithm Support
Triple-DES Support
RSA RC4 Algorithm for High Speed Encryption
Oracle Database Network Encryption Data Integrity
Data Integrity Algorithms Support
Diffie-Hellman Based Key Negotiation
Configuration of Data Encryption and Integrity
About Activating Encryption and Integrity
About Negotiating Encryption and Integrity
About the Values for Negotiating Encryption and Integrity
REJECTED Configuration Parameter
ACCEPTED Configuration Parameter
REQUESTED Configuration Parameter
REQUIRED Configuration Parameter
Configuring Encryption and Integrity Parameters Using Oracle Net Manager
Configuring Encryption on the Client and the Server
Configuring Integrity on the Client and the Server
14
Configuring the Thin JDBC Client Network
About the Java Implementation
Java Database Connectivity Support
Thin JDBC Features
Implementation Overview
Obfuscation of the Java Cryptography Code
Configuration Parameters for the Thin JDBC Network Implementation
About the Thin JDBC Network Implementation Configuration Parameters
Client Encryption Level Parameter
Client Encryption Selected List Parameter
Client Integrity Level Parameter
Client Integrity Selected List Parameter
Client Authentication Service Parameter
AnoServices Constants
Part V Managing Strong Authentication
15
Introduction to Strong Authentication
What Is Strong Authentication?
Centralized Authentication and Single Sign-On
How Centralized Network Authentication Works
Supported Strong Authentication Methods
About Kerberos
About Remote Authentication Dial-In User Service (RADIUS)
About Secure Sockets Layer
Oracle Database Network Encryption/Strong Authentication Architecture
System Requirements for Strong Authentication
Oracle Network Encryption and Strong Authentication Restrictions
16
Strong Authentication Administration Tools
About the Configuration and Administration Tools
Network Encryption and Strong Authentication Configuration Tools
About Oracle Net Manager
Kerberos Adapter Command-Line Utilities
Public Key Infrastructure Credentials Management Tools
About Oracle Wallet Manager
About the orapki Utility
Duties of Strong Authentication Administrators
17
Configuring Kerberos Authentication
Enabling Kerberos Authentication
Step 1: Install Kerberos
Step 2: Configure a Service Principal for an Oracle Database Server
Step 3: Extract a Service Key Table from Kerberos
Step 4: Install an Oracle Database Server and an Oracle Client
Step 5: Configure Oracle Net Services and Oracle Database
Step 6: Configure Kerberos Authentication
Step 6A: Configure Kerberos on the Client and on the Database Server
Step 6B: Set the Initialization Parameters
Step 6C: Set sqlnet.ora Parameters (Optional)
Step 7: Create a Kerberos User
Step 8: Create an Externally Authenticated Oracle User
Step 9: Get an Initial Ticket for the Kerberos/Oracle User
Utilities for the Kerberos Authentication Adapter
okinit Utility Options for Obtaining the Initial Ticket
okinit Utility Options for Displaying Credentials
Removing Credentials from the Cache File with the okdstry Utility
Connecting to an Oracle Database Server Authenticated by Kerberos
Configuring Interoperability with a Windows 2008 Domain Controller KDC
Step 1: Configure Oracle Kerberos Client for a Windows 2008 Domain Controller KDC
Step 1A: Create the Client Kerberos Configuration Files
Step 1B: Specify the Oracle Configuration Parameters in the sqlnet.ora File
Step 1C: Specify the Listening Port Number
Step 2: Configure a Windows 2008 Domain Controller KDC for the Oracle Client
Step 2A: Create the User Account
Step 2B: Create the Oracle Database Principal User Account
Step 3: Configure Oracle Database for a Windows 2008 Domain Controller KDC
Step 3A: Set Configuration Parameters in the sqlnet.ora File
Step 3B: Create an Externally Authenticated Oracle User
Step 4: Obtain an Initial Ticket for the Kerberos/Oracle User
Troubleshooting the Oracle Kerberos Authentication Configuration
18
Configuring Secure Sockets Layer Authentication
Secure Sockets Layer and Transport Layer Security
The Difference Between Secure Sockets Layer and Transport Layer Security
How Oracle Database Uses Secure Sockets Layer for Authentication
How Secure Sockets Layer Works in an Oracle Environment: The SSL Handshake
Public Key Infrastructure in an Oracle Environment
About Public Key Cryptography
Public Key Infrastructure Components in an Oracle Environment
Certificate Authority
Certificates
Certificate Revocation Lists
Wallets
Hardware Security Modules
Secure Sockets Layer Combined with Other Authentication Methods
Architecture: Oracle Database and Secure Sockets Layer
How Secure Sockets Layer Works with Other Authentication Methods
Secure Sockets Layer and Firewalls
Secure Sockets Layer Usage Issues
Enabling Secure Sockets Layer
Step 1: Configure Secure Sockets Layer on the Server
Step 1A: Confirm Wallet Creation on the Server
Step 1B: Specify the Database Wallet Location on the Server
Step 1C: Set the Secure Sockets Layer Cipher Suites on the Server (Optional)
Step 1D: Set the Required Secure Sockets Layer Version on the Server (Optional)
Step 1E: Set SSL Client Authentication on the Server (Optional)
Step 1F: Set SSL as an Authentication Service on the Server (Optional)
Step 1G: Create a Listening Endpoint that Uses TCP/IP with SSL on the Server
Step 2: Configure Secure Sockets Layer on the Client
Step 2A: Confirm Client Wallet Creation
Step 2B: Configure the Server DNs and Use TCP/IP with SSL on the Client
Step 2C: Specify Required Client SSL Configuration (Wallet Location)
Step 2D: Set the Client Secure Sockets Layer Cipher Suites (Optional)
Step 2E: Set the Required SSL Version on the Client (Optional)
Step 2F: Set SSL as an Authentication Service on the Client (Optional)
Step 2G: Specify the Certificate to Use for Authentication on the Client (Optional)
Step 3: Log in to the Database Instance
Troubleshooting the Secure Sockets Layer Configuration
Certificate Validation with Certificate Revocation Lists
About Certificate Validation with Certificate Revocation Lists
What CRLs Should You Use?
How CRL Checking Works
Configuring Certificate Validation with Certificate Revocation Lists
About Configuring Certificate Validation with Certificate Revocation Lists
Enabling Certificate Revocation Status Checking for the Client or Server
Disabling Certificate Revocation Status Checking
Certificate Revocation List Management
About Certificate Revocation List Management
Displaying orapki Help for Commands That Manage CRLs
Renaming CRLs with a Hash Value for Certificate Validation
Uploading CRLs to Oracle Internet Directory
Listing CRLs Stored in Oracle Internet Directory
Viewing CRLs in Oracle Internet Directory
Deleting CRLs from Oracle Internet Directory
Troubleshooting CRL Certificate Validation
Oracle Net Tracing File Error Messages Associated with Certificate Validation
Configuring Your System to Use Hardware Security Modules
About Configuring Your System to Use Hardware Security Modules
General Guidelines for Using Hardware Security Modules for SSL
Configuring Your System to Use nCipher Hardware Security Modules
About Configuring Your System to Use nCipher Hardware Security Modules
Oracle Components Required To Use an nCipher Hardware Security Module
Directory Path Requirements for Installing an nCipher Hardware Security Module
Configuring Your System to Use SafeNET Hardware Security Modules
About Configuring Your System to Use SafeNET Hardware Security Modules
Oracle Components Required for SafeNET Luna SA Hardware Security Modules
Directory Path Requirements for Installing a SafeNET Hardware Security Module
Troubleshooting Using Hardware Security Modules
Errors in the Oracle Net Trace Files
Error Messages Associated with Using Hardware Security Modules
19
Configuring RADIUS Authentication
About Configuring RADIUS Authentication
RADIUS Authentication Modes
Synchronous Authentication Mode
Sequence for Synchronous Authentication Mode
Example: Synchronous Authentication with SecurID Token Cards
Challenge-Response (Asynchronous) Authentication Mode
Sequence for Challenge-Response (Asynchronous) Authentication Mode
Example: Asynchronous Authentication with Smart Cards
Example: Asynchronous Authentication with ActivCard Tokens
Enabling RADIUS Authentication, Authorization, and Accounting
Step 1: Configure RADIUS Authentication
Step 1A: Configure RADIUS on the Oracle Client
Step 1B: Configure RADIUS on the Oracle Database Server
Step 1C: Configure Additional RADIUS Features
Step 2: Create a User and Grant Access
Step 3: Configure External RADIUS Authorization (Optional)
Step 3A: Configure the Oracle Server (RADIUS Client)
Step 3B: Configure the Oracle Client Where Users Log In
Step 3C: Configure the RADIUS Server
Step 4: Configure RADIUS Accounting
Step 4A: Set RADIUS Accounting on the Oracle Database Server
Step 4B: Configure the RADIUS Accounting Server
Step 5: Add the RADIUS Client Name to the RADIUS Server Database
Step 6: Configure the Authentication Server for Use with RADIUS
Step 7: Configure the RADIUS Server for Use with the Authentication Server
Step 8: Configure Mapping Roles
Using RADIUS to Log in to a Database
RSA ACE/Server Configuration Checklist
20
Customizing the Use of Strong Authentication
Connecting with User Name and Password
Disabling Network Encryption and Strong Authentication
Configuring Multiple Authentication Methods
Configuring Oracle Database for External Authentication
Setting the SQLNET.AUTHENTICATION_SERVICES Parameter in the sqlnet.ora File
Setting OS_AUTHENT_PREFIX to a Null Value
Part VI Monitoring Database Activity with Auditing
21
Introduction to Auditing
What Is Auditing?
Why Is Auditing Used?
Best Practices for Auditing
What Is Unified Auditing?
Benefits of the Unified Audit Trail
Checking if Your Database Has Migrated to Unified Auditing
Mixed Mode Auditing
About Mixed Mode Auditing
How Database Creation Determines the Type of Auditing You Have Enabled
Capabilities of Mixed Mode Auditing
Who Can Perform Auditing?
Using Auditing in a Multitenant Environment
Auditing in a Distributed Database
22
Configuring Audit Policies
Selecting an Auditing Type
Auditing SQL Statements, Privileges, and Other General Activities
Auditing Commonly Used Security-Relevant Activities
Auditing Specific, Fine-Grained Activities
Auditing Activities with Unified Audit Policies and the AUDIT Statement
About Auditing Activities with Unified Audit Policies and the AUDIT Statement
Best Practices for Creating Unified Audit Policies
Syntax for Creating a Unified Audit Policy
Auditing Roles
About Role Auditing
Configuring Role Unified Audit Policies
Example: Role Unified Audit Policy
Auditing System Privileges
About System Privilege Auditing
System Privileges That Can Be Audited
System Privileges That Cannot Be Audited
Configuring a Unified Audit Policy to Capture System Privilege Use
Example: Auditing a User Who Has ANY Privileges
Example: Using a Condition to Audit a System Privilege
How System Privilege Unified Audit Policies Appear in the Audit Trail
Auditing Administrative Users
Administrative User Accounts That Can Be Audited
Configuring a Unified Audit Policy to Capture Administrator Activities
Example: Auditing the SYS User
Auditing Object Actions
About Auditing Object Actions
Object Actions That Can Be Audited
Configuring an Object Action Unified Audit Policy
Example: Auditing Actions on SYS Objects
Example: Auditing Multiple Actions on One Object
Example: Auditing Both Actions and Privileges on an Object
Example: Auditing All Actions on a Table
Example: Auditing All Actions in the Database
How Object Action Unified Audit Policies Appear in the Audit Trail
Auditing Functions, Procedures, Packages, and Triggers
Auditing Oracle Virtual Private Database Policy Functions
Using Unified Auditing with Editioned Objects
Auditing SELECT and the READ ANY TABLE or SELECT ANY TABLE Privilege
About Auditing the SELECT Statement and READ ANY TABLE System Privilege
Creating a Unified Audit Policy to Capture READ Object Privilege Operations
How the Unified Audit Trail Captures READ ANY TABLE and SELECT ANY TABLE
How Auditing Works for SQL Statements and Privileges in a Multitier Environment
Creating a Condition for a Unified Audit Policy
About Conditions in Unified Audit Policies
Configuring a Unified Audit Policy with a Condition
Example: Auditing Access to SQL*Plus
Example: Auditing Actions Not in Specific Hosts
Example: Auditing Both a System-Wide and a Schema-Specific Action
Example: Auditing a Condition Per Statement Occurrence
Example: Unified Audit Session ID of a Current Administrative User Session
Example: Unified Audit Session ID of a Current Non-Administrative User Session
How Audit Records from Conditions Appear in the Audit Trail
Auditing Application Context Values
About Auditing Application Context Values
Configuring Application Context Audit Settings
Disabling Application Context Audit Settings
Example: Auditing Application Context Values in a Default Database
Example: Auditing Application Context Values from Oracle Label Security
How Audited Application Contexts Appear in the Audit Trail
Auditing Oracle Database Real Application Security Events
About Auditing Oracle Database Real Application Security Events
Oracle Database Real Application Security Events That You Can Audit
Configuring a Unified Audit Policy for Oracle Database Real Application Security
Example: Auditing Real Application Security User Account Modifications
Example: Using a Condition in a Real Application Security Unified Audit Policy
How Oracle Database Real Application Security Events Appear in the Audit Trail
Auditing Oracle Recovery Manager Events
About Auditing Oracle Recovery Manager Events
Oracle Recovery Manager Events That the Unified Audit Trail Captures
How Oracle Recovery Manager Audited Events Appear in the Audit Trail
Auditing Oracle Database Vault Events
About Auditing Oracle Database Vault Events
Who Is Audited in Oracle Database Vault?
Oracle Database Vault Events That the Unified Audit Trail Captures
Configuring a Unified Audit Policy for Oracle Database Vault
Example: Auditing Two Oracle Database Vault Events
Example: Auditing Oracle Database Vault Factor Settings
How Oracle Database Vault Audited Events Appear in the Audit Trail
Auditing Oracle Label Security Events
About Auditing Oracle Label Security Events
Oracle Label Security Events That You Can Audit
Oracle Label Security User Session Labels That You Can Audit
Configuring a Unified Audit Policy for Oracle Label Security
Example: Auditing Oracle Label Security Session Label Attributes
Example: Excluding a User from an Oracle Label Security Policy
Example: Auditing Oracle Label Security Policy Actions
How Oracle Label Security Audit Events Appear in the Audit Trail
Auditing Oracle Data Mining Events
About Auditing Oracle Data Mining Events
Oracle Data Mining Events That the Unified Audit Trail Captures
Configuring a Unified Audit Policy for Oracle Data Mining
Example: Auditing Multiple Oracle Data Mining Operations by a User
Example: Auditing All Failed Oracle Data Mining Operations by a User
How Oracle Data Mining Events Appear in the Audit Trail
Auditing Oracle Data Pump Events
About Auditing Oracle Data Pump Events
Oracle Data Pump Events That the Unified Audit Trail Captures
Configuring a Unified Audit Policy for Oracle Data Pump
Example: Auditing Oracle Data Pump Import Operations
Example: Auditing All Oracle Data Pump Operations
How Oracle Data Pump Audited Events Appear in the Audit Trail
Auditing Oracle SQL*Loader Direct Load Path Events
About Auditing in Oracle SQL*Loader Direct Path Load Events
Oracle SQL*Loader Direct Load Path Events That the Unified Audit Trail Captures
Configuring a Unified Audit Trail Policy for Oracle SQL*Loader Direct Path Events
Example: Auditing Oracle SQL*Loader Direct Path Load Operations
How SQL*Loader Direct Path Load Audited Events Appear in the Audit Trail
Using the Unified Audit Policies or AUDIT Settings in a Multitenant Environment
About Local and Common Audit Policies
Configuring a Local Unified Audit Policy or Common Unified Audit Policy
Example: Local Unified Audit Policy
Example: Common Unified Audit Policy
How Local or Common Audit Policies or Settings Appear in the Audit Trail
Altering Unified Audit Policies
About Altering Unified Audit Policies
Altering a Unified Audit Policy
Example: Altering a Condition in a Unified Audit Policy
Example: Altering an Oracle Label Security Component in a Unified Audit Policy
Example: Altering Roles in a Unified Audit Policy
Example: Dropping a Condition from a Unified Audit Policy
Enabling and Applying Unified Audit Policies to Users
About Enabling Unified Audit Policies
Enabling a Unified Audit Policy
Disabling Unified Audit Policies
About Disabling Unified Audit Policies
Disabling a Unified Audit Policy
Dropping Unified Audit Policies
About Dropping Unified Audit Policies
Dropping a Unified Audit Policy
Tutorial: Auditing Nondatabase Users
Step 1: Create the User Accounts and Ensure the User OE Is Active
Step 2: Create the Unified Audit Policy
Step 3: Test the Policy
Step 4: Remove the Components of This Tutorial
Auditing Activities with the Predefined Unified Audit Policies
Logon Failures Predefined Unified Audit Policy
Secure Options Predefined Unified Audit Policy
Oracle Database Parameter Changes Predefined Unified Audit Policy
User Account and Privilege Management Predefined Unified Audit Policy
Center for Internet Security Recommendations Predefined Unified Audit Policy
Oracle Database Real Application Security Predefined Audit Policies
System Administrator Operations Predefined Unified Audit Policy
Session Operations Predefined Unified Audit Policy
Oracle Database Vault Predefined Unified Audit Policy
Auditing Specific Activities with Fine-Grained Auditing
About Fine-Grained Auditing
Where Are Fine-Grained Audit Records Stored?
Who Can Perform Fine-Grained Auditing?
Using Fine-Grained Auditing on Tables or Views That Have Oracle VPD Policies
Using Fine-Grained Auditing in a Multitenant Environment
Using Fine-Grained Audit Policies with Editions
Using the DBMS_FGA PL/SQL Package to Manage Fine-Grained Audit Policies
About the DBMS_FGA PL/SQL Package
Using the DBMS_FGA PL/SQL Package with Editions
Using the DBMS_FGA PL/SQL Package in a Multitenant Environment
Creating a Fine-Grained Audit Policy
Example: Using DBMS_FGA.ADD_POLICY to Create a Fine-Grained Audit Policy
Disabling a Fine-Grained Audit Policy
Enabling a Fine-Grained Audit Policy
Dropping a Fine-Grained Audit Policy
Tutorial: Adding an Email Alert to a Fine-Grained Audit Policy
About This Tutorial
Step 1: Install and Configure the UTL_MAIL PL/SQL Package
Step 2: Create User Accounts
Step 3: Configure an Access Control List File for Network Services
Step 4: Create the Email Security Alert PL/SQL Procedure
Step 5: Create and Test the Fine-Grained Audit Policy Settings
Step 6: Test the Alert
Step 7: Remove the Components of This Tutorial
Audit Policy Data Dictionary Views
23
Administering the Audit Trail
Managing the Unified Audit Trail
When Are Audit Records Created?
Activities That Are Mandatorily Audited
How Do Cursors Affect Auditing?
Writing the Unified Audit Trail Records to the AUDSYS Schema
About Writing Unified Audit Trail Records to AUDSYS
Setting the Write Mode for Unified Audit Trail Records
Manually Flushing Audit Records to the Audit Trail in Queued-Write Mode
Moving Operating System Audit Records into the Unified Audit Trail
Disabling Unified Auditing
Archiving the Audit Trail
Archiving the Traditional Operating System Audit Trail
Archiving the Unified and Traditional Database Audit Trails
Purging Audit Trail Records
About Purging Audit Trail Records
Selecting an Audit Trail Purge Method
Purging the Audit Trail on a Regularly Scheduled Basis
Manually Purging the Audit Trail at a Specific Time
Scheduling an Automatic Purge Job for the Audit Trail
About Scheduling an Automatic Purge Job
Step 1: If Necessary, Tune Online and Archive Redo Log Sizes
Step 2: Plan a Timestamp and Archive Strategy
Step 3: Optionally, Set an Archive Timestamp for Audit Records
Step 4: Create and Schedule the Purge Job
Manually Purging the Audit Trail
About Manually Purging the Audit Trail
Using DBMS_AUDIT_MGMT.CLEAN_AUDIT_TRAIL to Manually Purge the Audit Trail
Other Audit Trail Purge Operations
Enabling or Disabling an Audit Trail Purge Job
Setting the Default Audit Trail Purge Job Interval for a Specified Purge Job
Deleting an Audit Trail Purge Job
Clearing the Archive Timestamp Setting
Example: Directly Calling a Unified Audit Trail Purge Operation
Audit Trail Management Data Dictionary Views
Part VII Appendixes
A
Keeping Your Oracle Database Secure
About the Oracle Database Security Guidelines
Downloading Security Patches and Contacting Oracle Regarding Vulnerabilities
Applying Security Patches and Workaround Solutions
Contacting Oracle Security Regarding Vulnerabilities in Oracle Database
Guidelines for Securing User Accounts and Privileges
Guidelines for Securing Roles
Guidelines for Securing Passwords
Guidelines for Securing Data
Guidelines for Securing the ORACLE_LOADER Access Driver
Guidelines for Securing a Database Installation and Configuration
Guidelines for Securing the Network
Securing the Client Connection
Securing the Network Connection
Securing a Secure Sockets Layer Connection
Guideline for Securing External Procedures
Guidelines for Auditing
Keeping Audited Information Manageable
Auditing Typical Database Activity
Auditing Suspicious Database Activity
Recommended Audit Settings
Addressing the CONNECT Role Change
Why Was the CONNECT Role Changed?
How the CONNECT Role Change Affects Applications
How the CONNECT Role Change Affects Database Upgrades
How the CONNECT Role Change Affects Account Provisioning
How the CONNECT Role Change Affects Applications Using New Databases
How the CONNECT Role Change Affects Users
How the CONNECT Role Change Affects General Users
How the CONNECT Role Change Affects Application Developers
How the CONNECT Role Change Affects Client Server Applications
Approaches to Addressing the CONNECT Role Change
Creating a New Database Role
Restoring the CONNECT Privilege
Data Dictionary View to Show CONNECT Grantees
Least Privilege Analysis Studies
B
Data Encryption and Integrity Parameters
Sample sqlnet.ora File
Data Encryption and Integrity Parameters
About the Data Encryption and Integrity Parameters
SQLNET.ENCRYPTION_SERVER Parameter
SQLNET.ENCRYPTION_CLIENT Parameter
SQLNET.CRYPTO_CHECKSUM_SERVER Parameter
SQLNET.CRYPTO_CHECKSUM_CLIENT Parameter
SQLNET.ENCRYPTION_TYPES_SERVER Parameter
SQLNET.ENCRYPTION_TYPES_CLIENT Parameter
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER Parameter
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT Parameter
C
Kerberos, SSL, and RADIUS Authentication Parameters
Parameters for Clients and Servers Using Kerberos Authentication
Parameters for Clients and Servers Using Secure Sockets Layer
Secure Sockets Layer Authentication Parameters for Clients and Servers
Cipher Suite Parameters for Secure Sockets Layer
Supported SSL Cipher Suites
Secure Sockets Layer Version Parameters
Secure Sockets Layer Client Authentication Parameters
Secure Sockets Layer X.509 Server Match Parameters
Oracle Wallet Location
Parameters for Clients and Servers Using RADIUS Authentication
sqlnet.ora File Parameters
SQLNET.AUTHENTICATION_SERVICES Parameter
SQLNET.RADIUS_AUTHENTICATION Parameter
SQLNET.RADIUS_AUTHENTICATION_PORT Parameter
SQLNET.RADIUS_AUTHENTICATION_TIMEOUT Parameter
SQLNET.RADIUS_AUTHENTICATION_RETRIES Parameter
SQLNET.RADIUS_SEND_ACCOUNTING Parameter
SQLNET.RADIUS_SECRET Parameter
SQLNET.RADIUS_ALTERNATE Parameter
SQLNET.RADIUS_ALTERNATE_PORT Parameter
SQLNET.RADIUS_ALTERNATE_TIMEOUT Parameter
SQLNET.RADIUS_ALTERNATE_RETRIES Parameter
SQLNET.RADIUS_CHALLENGE_RESPONSE Parameter
SQLNET.RADIUS_CHALLENGE_KEYWORD Parameter
SQLNET.RADIUS_AUTHENTICATION_INTERFACE Parameter
SQLNET.RADIUS_CLASSPATH Parameter
Minimum RADIUS Parameters
Initialization File Parameter
D
Integrating Authentication Devices Using RADIUS
About the RADIUS Challenge-Response User Interface
Customization of the RADIUS Challenge-Response User Interface
E
Oracle Database FIPS 140 Settings
About the Oracle Database FIPS 140 Settings
Configuring Oracle Database for FIPS 140-2
About the FIPS 140-2 Settings
Configuring FIPS 140-2 for Transparent Data Encryption and DBMS_CRYPTO
Configuration of FIPS 140-2 for Secure Sockets Layer
Configuring the SSLFIPS_140 Parameter for Secure Sockets Layer
Selecting SSL Cipher Suites for FIPS 140-2
Postinstallation Checks for FIPS 140-2
Verifying FIPS 140-2 Connections
Configuring Oracle Database for FIPS 140-1
About the FIPS 140-1 Settings
sqlnet.ora FIPS 140-1 Configuration Parameters
About the sqlnet.ora FIPS 140-1 Configuration Parameters
Server Encryption Level Setting
Client Encryption Level Setting
Server Encryption Selection List
Client Encryption Selection List
FIPS Parameter
Postinstallation Checks for FIPS 140-1
Status Information for FIPS 140-1
Physical Security of Computers Using FIPS 140-1
F
Using the orapki Utility to Manage PKI Elements
About the orapki Utility
orapki Utility Syntax
Creating Signed Certificates for Testing Purposes
Managing Oracle Wallets with orapki Utility
About Managing Wallets with orapki
Creating, Viewing, and Modifying Wallets with orapki
Creating a PKCS#12 Wallet
Creating an Auto Login Wallet
Creating an Auto Login Wallet That Is Associated with a PKCS#12 Wallet
Creating an Auto Login Wallet That Is Local to the Computer and User Who Created It
Viewing a Wallet
Modifying the Password for a Wallet
Converting an Oracle Wallet to Use the AES256 Algorithm
Adding Certificates and Certificate Requests to Oracle Wallets with orapki
Exporting Certificates and Certificate Requests from Oracle Wallets with orapki
Managing Certificate Revocation Lists (CRLs) with orapki Utility
orapki Usage Examples
orapki Utility Commands Summary
orapki cert create Command
orapki cert display Command
orapki crl delete Command
orapki crl display Command
orapki crl hash Command
orapki crl list Command
orapki crl upload Command
orapki wallet add Command
orapki wallet convert Command
orapki wallet create Command
orapki wallet display Command
orapki wallet export Command
G
How the Unified Auditing Migration Affects Individual Audit Features
Glossary
Index