1/19

Contents

List of Examples

List of Figures

List of Tables

Title and Copyright Information

Preface

• Audience
• Documentation Accessibility
• Related Documents
• Conventions

What's New in Oracle Database Security?

• Oracle Database 11g Release 2 (11.2.0.2) New Security Features
• Oracle Database 11g Release 2 (11.2.0.1) New Security Features
• Oracle Database 11g Release 1 (11.1) New Security Features

1 Introducing Oracle Database Security

• About Oracle Database Security
• Additional Database Security Resources

2 Managing Security for Oracle Database Users

• About User Security
• Creating User Accounts
  • Creating a New User Account
  • Specifying a User Name
  • Assigning the User a Password
  • Assigning a Default Tablespace for the User
  • Assigning a Tablespace Quota for the User
    • Restricting the Quota Limits for User Objects in a Tablespace
    • Granting Users the UNLIMITED TABLESPACE System Privilege
  • Assigning a Temporary Tablespace for the User
  • Specifying a Profile for the User
  • Setting a Default Role for the User
• Altering User Accounts
  • About Altering User Accounts
  • Using the ALTER USER Statement to Alter a User Account
  • Changing Non-SYS User Passwords
  • Changing the SYS User Password
• Configuring User Resource Limits
  • About User Resource Limits
  • Types of System Resources and Limits
    • Limiting the User Session Level
    • Limiting Database Call Levels
    • Limiting CPU Time
    • Limiting Logical Reads
    • Limiting Other Resources
  • Determining Values for Resource Limits of Profiles
  • Managing Resources with Profiles
    • Creating Profiles
    • Dropping Profiles
• Deleting User Accounts
• Finding Information About Database Users and Profiles
  • Using Data Dictionary Views to Find Information About Users and Profiles
  • Listing All Users and Associated Information
  • Listing All Tablespace Quotas
  • Listing All Profiles and Assigned Limits
  • Viewing Memory Use for Each User Session

3 Configuring Authentication

• About Authentication
• Configuring Password Protection
  • What Are the Oracle Database Built-in Password Protections?
  • Minimum Requirements for Passwords
  • Using a Password Management Policy
    • About Managing Passwords
    • Finding User Accounts That Have Default Passwords
    • Configuring Password Settings in the Default Profile
    • Disabling and Enabling the Default Password Security Settings
    • Automatically Locking a User Account After a Failed Login
    • Controlling User Ability to Reuse Previous Passwords
    • Controlling Password Aging and Expiration
    • Password Change Life Cycle
    • Setting the PASSWORD_LIFE_TIME Profile Parameter to a Low Value
    • Enforcing Password Complexity Verification
    • Enabling or Disabling Password Case Sensitivity
  • Ensuring Against Password Security Threats by Using the SHA-1 Hashing Algorithm
  • Managing the Secure External Password Store for Password Credentials
    • About the Secure External Password Store
    • How Does the External Password Store Work?
    • Configuring Clients to Use the External Password Store
    • Managing External Password Store Credentials
• Authenticating Database Administrators
  • Strong Authentication and Centralized Management for Database Administrators
    • Configuring Directory Authentication for Administrative Users
    • Configuring Kerberos Authentication for Administrative Users
    • Configuring Secure Sockets Layer Authentication for Administrative Users
  • Authenticating Database Administrators by Using the Operating System
  • Authenticating Database Administrators by Using Their Passwords
• Using the Database to Authenticate Users
  • About Database Authentication
  • Advantages of Database Authentication
  • Creating a User Who Is Authenticated by the Database
• Using the Operating System to Authenticate Users
• Using the Network to Authenticate Users
  • Authentication Using Secure Sockets Layer
  • Authentication Using Third-Party Services
• Configuring Global User Authentication and Authorization
  • Creating a User Who Is Authorized by a Directory Service
    • Creating a Global User Who Has a Private Schema
    • Creating Multiple Enterprise Users Who Share Schemas
  • Advantages of Global Authentication and Global Authorization
• Configuring an External Service to Authenticate Users and Passwords
  • About External Authentication
  • Advantages of External Authentication
  • Creating a User Who Is Authenticated Externally
  • Authenticating User Logins Using the Operating System
  • Authentication User Logins Using Network Authentication
• Using Multitier Authentication and Authorization
  • Administration and Security in Clients, Application Servers, and Database Servers
• Preserving User Identity in Multitiered Environments
  • Using a Middle Tier Server for Proxy Authentication
    • About Proxy Authentication
    • Advantages of Proxy Authentication
    • Who Can Create Proxy User Accounts?
    • Creating Proxy User Accounts and Authorizing Users to Connect Through Them
    • Using Proxy Authentication with the Secure External Password Store
    • Passing Through the Identity of the Real User by Using Proxy Authentication
    • Limiting the Privilege of the Middle Tier
    • Authorizing a Middle Tier to Proxy and Authenticate a User
    • Authorizing a Middle Tier to Proxy a User Authenticated by Other Means
    • Reauthenticating the User Through the Middle Tier to the Database
  • Using Client Identifiers to Identify Application Users Not Known to the Database
    • About Client Identifiers
    • How Client Identifiers Work in Middle Tier Systems
    • Using the CLIENT_IDENTIFIER Attribute to Preserve User Identity
    • Using CLIENT_IDENTIFIER Independent of Global Application Context
    • Using the DBMS_SESSION PL/SQL Package to Set and Clear the Client Identifier
• Finding Information About User Authentication

4 Configuring Privilege and Role Authorization

• About Privileges and Roles
• Who Should Be Granted Privileges?
• Granting the SYSDBA and SYSOPER Administrative Privileges to Users
• Managing System Privileges
  • About System Privileges
  • Why Is It Important to Restrict System Privileges?
    • Restricting System Privileges by Securing the Data Dictionary
    • Allowing Access to Objects in the SYS Schema
  • Granting and Revoking System Privileges
  • Who Can Grant or Revoke System Privileges?
  • About ANY Privileges and the PUBLIC Role
• Managing User Roles
  • About User Roles
    • The Functionality of Roles
    • Properties of Roles and Why They Are Advantageous
    • Common Uses of Roles
    • How Roles Affect the Scope of a User's Privileges
    • How Roles Work in PL/SQL Blocks
    • How Roles Aid or Restrict DDL Usage
    • How Operating Systems Can Aid Roles
    • How Roles Work in a Distributed Environment
  • Predefined Roles in an Oracle Database Installation
  • Creating a Role
  • Specifying the Type of Role Authorization
    • Authorizing a Role by Using the Database
    • Authorizing a Role by Using an Application
    • Authorizing a Role by Using an External Source
    • Global Role Authorization by an Enterprise Directory Service
  • Granting and Revoking Roles
    • About Granting and Revoking Roles
    • Who Can Grant or Revoke Roles?
  • Dropping Roles
  • Restricting SQL*Plus Users from Using Database Roles
    • Potential Security Problems of Using Ad Hoc Tools
    • Limiting Roles Through the PRODUCT_USER_PROFILE Table
    • Using Stored Procedures to Encapsulate Business Logic
  • Securing Role Privileges by Using Secure Application Roles
• Managing Object Privileges
  • About Object Privileges
  • Granting or Revoking Object Privileges
  • Managing Object Privileges
    • Granting and Revoking Object Privileges
    • Who Can Grant Object Privileges?
    • Using Object Privileges with Synonyms
  • Managing Table Privileges
    • How Table Privileges Affect Data Manipulation Language Operations
    • How Table Privileges Affect Data Definition Language Operations
  • Managing View Privileges
    • About View Privileges
    • Privileges Required to Create Views
    • Increasing Table Security with Views
  • Managing Procedure Privileges
    • Using the EXECUTE Privilege for Procedure Privileges
    • Procedure Execution and Security Domains
    • How Procedure Privileges Affect Definer's Rights
    • How Procedure Privileges Affect Invoker's Rights
    • System Privileges Required to Create or Replace a Procedure
    • System Privileges Required to Compile a Procedure
    • How Procedure Privileges Affect Packages and Package Objects
  • Managing Type Privileges
    • System Privileges for Named Types
    • Object Privileges
    • Method Execution Model
    • Privileges Required to Create Types and Tables Using Types
    • Example of Privileges for Creating Types and Tables Using Types
    • Privileges on Type Access and Object Access
    • Type Dependencies
• Granting a User Privileges and Roles
  • Granting System Privileges and Roles
    • Granting the ADMIN Option
    • Creating a New User with the GRANT Statement
  • Granting Object Privileges
    • Specifying the GRANT OPTION Clause
    • Granting Object Privileges on Behalf of the Object Owner
    • Granting Privileges on Columns
    • Row-Level Access Control
• Revoking Privileges and Roles from a User
  • Revoking System Privileges and Roles
  • Revoking Object Privileges
    • Revoking Object Privileges on Behalf of the Object Owner
    • Revoking Column-Selective Object Privileges
    • Revoking the REFERENCES Object Privilege
  • Cascading Effects of Revoking Privileges
    • Cascading Effects When Revoking System Privileges
    • Cascading Effects When Revoking Object Privileges
• Granting to and Revoking from the PUBLIC Role
• Granting Roles Using the Operating System or Network
  • About Granting Roles Using the Operating System or Network
  • Using Operating System Role Identification
  • Using Operating System Role Management
  • Granting and Revoking Roles When OS_ROLES Is Set to TRUE
  • Enabling and Disabling Roles When OS_ROLES Is Set to TRUE
  • Using Network Connections with Operating System Role Management
• When Do Grants and Revokes Take Effect?
  • How the SET ROLE Statement Affects Grants and Revokes
  • Specifying a Default Role
  • The Maximum Number of Roles That a User Can Enable
• Managing Fine-Grained Access in PL/SQL Packages and Types
  • About Fine-Grained Access Control to External Network Services
  • About Access Control to Wallets
  • Upgrading Applications That Depend on Packages That Use External Network Services
  • Creating an Access Control List for External Network Services
    • Step 1: Create the Access Control List and Its Privilege Definitions
    • Step 2: Assign the Access Control List to One or More Network Hosts
  • Configuring Access Control to a Wallet
    • Step 1: Create an Oracle Wallet
    • Step 2: Create an Access Control List that Grants the Wallet Privileges
    • Step 3: Assign the Access Control List to the Wallet
    • Step 4: Make the HTTP Request with the Passwords and Client Certificates
  • Examples of Creating Access Control Lists
    • Example of an Access Control List for a Single Role and Network Connection
    • Example of an Access Control List with Multiple Roles Assigned to Multiple Hosts
    • Example of an Access Control List for Using Passwords in a Non-Shared Wallet
    • Example of an Access Control List for Wallets in a Shared Database Session
  • Specifying a Group of Network Host Computers
  • Precedence Order for a Host Computer in Multiple Access Control List Assignments
  • Precedence Order for a Host in Access Control List Assignments with Port Ranges
  • Checking Privilege Assignments That Affect User Access to a Network Host
    • How a DBA Can Check User Network Connection and Domain Privileges
    • How Users Can Check Their Network Connection and Domain Privileges
  • Setting the Precedence of Multiple Users and Roles in One Access Control List
  • Finding Information About Access Control Lists Configured for User Access
• Finding Information About User Privileges and Roles
  • Listing All System Privilege Grants
  • Listing All Role Grants
  • Listing Object Privileges Granted to a User
  • Listing the Current Privilege Domain of Your Session
  • Listing Roles of the Database
  • Listing Information About the Privilege Domains of Roles

5 Managing Security for Application Developers

• About Application Security Policies
• Considerations for Using Application-Based Security
  • Are Application Users Also Database Users?
  • Is Security Better Enforced in the Application or in the Database?
• Securing Passwords in Application Design
  • General Guidelines for Securing Passwords in Applications
    • Platform-Specific Security Threats
    • Designing Applications to Handle Password Input
    • Configuring Password Formats and Behavior
    • Handling Passwords in SQL*Plus and SQL Scripts
  • Securing Passwords Using an External Password Store
  • Securing Passwords Using the orapwd Utility
  • Example of Reading Passwords in Java
• Managing Application Privileges
• Creating Secure Application Roles to Control Access to Applications
  • Step 1: Create the Secure Application Role
  • Step 2: Create a PL/SQL Package to Define the Access Policy for the Application
• Associating Privileges with User Database Roles
  • Why Users Should Only Have the Privileges of the Current Database Role
  • Using the SET ROLE Statement to Automatically Enable or Disable Roles
• Protecting Database Objects by Using Schemas
  • Protecting Database Objects in a Unique Schema
  • Protecting Database Objects in a Shared Schema
• Managing Object Privileges in an Application
  • What Application Developers Need to Know About Object Privileges
  • SQL Statements Permitted by Object Privileges
• Parameters for Enhanced Security of Database Communication
  • Reporting Bad Packets Received on the Database from Protocol Errors
  • Terminating or Resuming Server Execution After Receiving a Bad Packet
  • Configuring the Maximum Number of Authentication Attempts
  • Controlling the Display of the Database Version Banner
  • Configuring Banners for Unauthorized Access and Auditing User Actions

6 Using Application Contexts to Retrieve User Information

• About Application Contexts
  • What Is an Application Context?
  • Components of the Application Context
  • Where Are the Application Context Values Stored?
  • Benefits of Using Application Contexts
  • How Editions Affects Application Context Values
• Types of Application Contexts
• Using Database Session-Based Application Contexts
  • About Database Session-Based Application Contexts
  • Creating a Database Session-Based Application Context
  • Creating a PL/SQL Package to Set the Database Session-Based Application Context
    • About the Package That Manages the Database Session-Based Application Context
    • Using SYS_CONTEXT to Retrieve Session Information
    • Using Dynamic SQL with SYS_CONTEXT
    • Using SYS_CONTEXT in a Parallel Query
    • Using SYS_CONTEXT with Database Links
    • Using DBMS_SESSION.SET_CONTEXT to Set Session Information
  • Creating a Logon Trigger to Run a Database Session Application Context Package
  • Tutorial: Creating and Using a Database Session-Based Application Context
    • About This Tutorial
    • Step 1: Create User Accounts and Ensure the User SCOTT Is Active
    • Step 2: Create the Database Session-Based Application Context
    • Step 3: Create a Package to Retrieve Session Data and Set the Application Context
    • Step 4: Create a Logon Trigger for the Package
    • Step 5: Test the Application Context
    • Step 6: Remove the Components for This Tutorial
  • Initializing Database Session-Based Application Contexts Externally
    • Obtaining Default Values from Users
    • Obtaining Values from Other External Resources
    • Initializing Application Context Values from a Middle-Tier Server
  • Initializing Database Session-Based Application Contexts Globally
    • About Initializing Database Session-Based Application Contexts Globally
    • Using Database Session-Based Application Contexts with LDAP
    • How Globally Initialized Database Session-Based Application Contexts Work
    • Example of Initializing a Database Session-Based Application Context Globally
  • Using Externalized Database Session-Based Application Contexts
• Using Global Application Contexts
  • About Global Application Contexts
  • Using Global Application Contexts in an Oracle Real Application Clusters Environment
  • Creating a Global Application Context
  • Creating a PL/SQL Package to Manage a Global Application Context
    • About the Package That Manages the Global Application Context
    • How Editions Affects the Results of a Global Application Context PL/SQL Package
    • Setting the DBMS_SESSION.SET_CONTEXT username and client_id Parameters
    • Sharing Global Application Context Values for All Database Users
    • Setting a Global Context for Database Users Who Move Between Applications
    • Setting a Global Application Context for Nondatabase Users
    • Clearing Session Data When the Session Closes
  • Embedding Calls in Middle-Tier Applications to Manage the Client Session ID
    • About Managing Client Session IDs Using a Middle-Tier Application
    • Retrieving the Client Session ID Using a Middle-Tier Application
    • Setting the Client Session ID Using a Middle-Tier Application
    • Clearing Session Data Using a Middle-Tier Application
  • Tutorial: Creating a Global Application Context That Uses a Client Session ID
    • About This Tutorial
    • Step 1: Create User Accounts
    • Step 2: Create the Global Application Context
    • Step 3: Create a Package for the Global Application Context
    • Step 4: Test the Global Application Context
    • Step 5: Remove the Components for This Tutorial
  • Global Application Context Processes
    • Simple Global Application Context Process
    • Global Application Context Process for Lightweight Users
• Using Client Session-Based Application Contexts
  • About Client Session-Based Application Contexts
  • Setting a Value in the CLIENTCONTEXT Namespace
  • Retrieving the CLIENTCONTEXT Namespace
  • Clearing a Setting in the CLIENTCONTEXT Namespace
  • Clearing All Settings in the CLIENTCONTEXT Namespace
• Finding Information About Application Contexts

7 Using Oracle Virtual Private Database to Control Data Access

• About Oracle Virtual Private Database
  • What Is Oracle Virtual Private Database?
  • Benefits of Using Oracle Virtual Private Database Policies
    • Basing Security Policies on Database Objects Rather Than Applications
    • Controlling How Oracle Database Evaluates Policy Functions
  • Which Privileges Are Used to Run Oracle Virtual Private Database Policy Functions?
  • Using Oracle Virtual Private Database with an Application Context
• Components of an Oracle Virtual Private Database Policy
  • Creating a Function to Generate the Dynamic WHERE Clause
  • Creating a Policy to Attach the Function to the Objects You Want to Protect
• Configuring an Oracle Virtual Private Database Policy
  • About Oracle Virtual Private Database Policies
  • Attaching a Policy to a Database Table, View, or Synonym
  • Enforcing Policies on Specific SQL Statement Types
  • Controlling the Display of Column Data with Policies
    • Adding Policies for Column-Level Oracle Virtual Private Database
    • Displaying Only the Column Rows Relevant to the Query
    • Using Column Masking to Display Sensitive Columns as NULL Values
  • Working with Oracle Virtual Private Database Policy Groups
    • About Oracle Virtual Private Database Policy Groups
    • Creating a New Oracle Virtual Private Database Policy Group
    • Designating a Default Policy Group with the SYS_DEFAULT Policy Group
    • Establishing Multiple Policies for Each Table, View, or Synonym
    • Validating the Application Used to Connect to the Database
  • Optimizing Performance by Using Oracle Virtual Private Database Policy Types
    • About Oracle Virtual Private Database Policy Types
    • Using the Dynamic Policy Type to Automatically Rerun Policy Functions
    • Using a Static Policy to Prevent Policy Functions from Rerunning for Each Query
    • Using a Shared Static Policy to Share a Policy with Multiple Objects
    • When to Use Static and Shared Static Policies
    • Using a Context-Sensitive Policy for Predicates That Do Not Change After Parsing
    • Using a Shared Context Sensitive Policy to Share a Policy with Multiple Objects
    • When to Use Context-Sensitive and Shared Context-Sensitive Policies
    • Summary of the Five Oracle Virtual Private Database Policy Types
• Tutorials: Creating Oracle Virtual Private Database Policies
  • Tutorial: Creating a Simple Oracle Virtual Private Database Policy
    • About This Tutorial
    • Step 1: Ensure That the OE User Account Is Active
    • Step 2: Create a Policy Function
    • Step 3: Create the Oracle Virtual Private Database Policy
    • Step 4: Test the Policy
    • Step 5: Remove the Components for This Tutorial
  • Tutorial: Implementing a Policy with a Database Session-Based Application Context
    • About This Tutorial
    • Step 1: Create User Accounts and Sample Tables
    • Step 2: Create a Database Session-Based Application Context
    • Step 3: Create a PL/SQL Package to Set the Application Context
    • Step 4: Create a Logon Trigger to Run the Application Context PL/SQL Package
    • Step 5: Create a PL/SQL Policy Function to Limit User Access to Their Orders
    • Step 6: Create the New Security Policy
    • Step 7: Test the New Policy
    • Step 8: Remove the Components for This Tutorial
  • Tutorial: Implementing an Oracle Virtual Private Database Policy Group
    • About This Tutorial
    • Step 1: Create User Accounts and Other Components for This Tutorial
    • Step 2: Create the Two Policy Groups
    • Step 3: Create PL/SQL Functions to Control the Policy Groups
    • Step 4: Add the PL/SQL Functions to the Policy Groups
    • Step 5: Create the Driving Application Context
    • Step 6: Test the Policy Groups
    • Step 7: Remove the Components for This Tutorial
• How Oracle Virtual Private Database Works with Other Oracle Features
  • Using Oracle Virtual Private Database Policies with Editions
  • Using SELECT FOR UPDATE in User Queries on VPD-Protected Tables
  • How Oracle Virtual Private Database Policies Affect Outer or ANSI Join Operations
  • How Oracle Virtual Private Database Security Policies Work with Applications
  • Using Automatic Reparsing for Fine-Grained Access Control Policy Functions
  • Using Oracle Virtual Private Database Policies and Flashback Query
  • Using Oracle Virtual Private Database and Oracle Label Security
    • Using Oracle Virtual Private Database to Enforce Oracle Label Security Policies
    • Oracle Virtual Private Database and Oracle Label Security Exceptions
  • Exporting Data Using the EXPDP Utility access_method Parameter
  • User Models and Oracle Virtual Private Database
• Finding Information About Oracle Virtual Private Database Policies

8 Developing Applications Using the Data Encryption API

• Security Problems That Encryption Does Not Solve
  • Principle 1: Encryption Does Not Solve Access Control Problems
  • Principle 2: Encryption Does Not Protect Against a Malicious Database Administrator
  • Principle 3: Encrypting Everything Does Not Make Data Secure
• Data Encryption Challenges
  • Encrypting Indexed Data
  • Generating Encryption Keys
  • Transmitting Encryption Keys
  • Storing Encryption Keys
    • Storing the Encryption Keys in the Database
    • Storing the Encryption Keys in the Operating System
    • Users Managing Their Own Encryption Keys
    • Using Transparent Database Encryption and Tablespace Encryption
  • Changing Encryption Keys
  • Encrypting Binary Large Objects
• Storing Data Encryption by Using the DBMS_CRYPTO Package
• Examples of Using the Data Encryption API
  • Example of a Data Encryption Procedure
  • Example of AES 256-Bit Data Encryption and Decryption Procedures
  • Example of Encryption and Decryption Procedures for BLOB Data
• Finding Information About Encrypted Data

9 Verifying Security Access with Auditing

• About Auditing
  • What Is Auditing?
  • Why Is Auditing Used?
  • Protecting the Database Audit Trail
  • Activities That Are Always Written to the Standard and Fine-Grained Audit Records
  • Activities That Are Always Audited for All Platforms
  • Auditing in a Distributed Database
  • Best Practices for Auditing
• Selecting an Auditing Type
  • Auditing SQL Statements, Privileges, and Other General Activities
  • Auditing Commonly Used Security-Relevant Activities
  • Auditing Specific, Fine-Grained Activities
• Auditing General Activities with Standard Auditing
  • About Standard Auditing
    • What Is Standard Auditing?
    • Who Can Perform Standard Auditing?
    • When Are Standard Audit Records Created?
  • Configuring Standard Auditing with the AUDIT_TRAIL Initialization Parameter
    • Enabling or Disabling the Standard Audit Trail
    • Settings for the AUDIT_TRAIL Initialization Parameter
  • What Do the Operating System and Database Audit Trails Have in Common?
  • Using the Operating System Audit Trail
    • About the Operating System Trail
    • What Do Operating System Audit Trail Records Look Like?
    • Advantages of the Operating System Audit Trail
    • How the Operating System Audit Trail Works
    • Specifying a Directory for the Operating System Audit Trail
  • Using the Syslog Audit Trail on UNIX Systems
    • About the Syslog Audit Trail
    • Format of the Information Stored in the Syslog Audit Trail
    • What Does the Syslog Audit Trail Look Like?
    • Configuring Syslog Auditing
  • How the AUDIT and NOAUDIT SQL Statements Work
    • Enabling Standard Auditing with the AUDIT SQL Statement
    • Auditing Statement Executions: Successful, Unsuccessful, or Both
    • How Standard Audit Records Are Generated
    • How Do Cursors Affect Standard Auditing?
    • Benefits of Using the BY ACCESS Clause in the AUDIT Statement
    • Auditing Actions Performed by Specific Users
    • Removing the Audit Option with the NOAUDIT SQL Statement
  • Auditing SQL Statements
    • About SQL Statement Auditing
    • Types of SQL Statements That Are Audited
    • Configuring SQL Statement Auditing
    • Removing SQL Statement Auditing
  • Auditing Privileges
    • About Privilege Auditing
    • Types of Privileges That Can Be Audited
    • Configuring Privilege Auditing
    • Removing Privilege Auditing
  • Auditing SQL Statements and Privileges in a Multitier Environment
  • Auditing Schema Objects
    • About Schema Object Auditing
    • Types of Schema Objects That Can Be Audited
    • Using Standard Auditing with Editioned Objects
    • Schema Object Audit Options for Views, Procedures, and Other Elements
    • Configuring Schema Object Auditing
    • Removing Object Auditing
    • Setting Audit Options for Objects That May Be Created in the Future
  • Auditing Directory Objects
    • About Directory Object Auditing
    • Configuring Directory Object Auditing
    • Removing Directory Object Auditing
  • Auditing Functions, Procedures, Packages, and Triggers
    • About Auditing Functions, Procedures, Packages, and Triggers
    • Configuring the Auditing of Functions, Procedures, Packages, and Triggers
    • Removing the Auditing of Functions, Procedures, Packages, and Triggers
  • Auditing Network Activity
    • About Network Auditing
    • Configuring Network Auditing
    • Removing Network Auditing
• Using Default Auditing for Security-Relevant SQL Statements and Privileges
  • About the Default Auditing Settings
  • Privileges That Oracle Database Audits by Default
  • Disabling and Enabling Default Audit Settings
• Auditing Specific Activities with Fine-Grained Auditing
  • About Fine-Grained Auditing
  • Where Are Fine-Grained Audit Records Stored?
  • Advantages of Fine-Grained Auditing
  • What Permissions Are Needed to Create a Fine-Grained Audit Policy?
  • Activities That Are Always Audited in Fine-Grained Auditing
  • Using Fine-Grained Audit Policies with Editions
  • Creating an Audit Trail for Fine-Grained Audit Records
  • How the Fine-Grained Audit Trail Generates Records
  • Using the DBMS_FGA Package to Manage Fine-Grained Audit Policies
    • About the DBMS_FGA PL/SQL Package
    • Creating a Fine-Grained Audit Policy
    • Disabling and Enabling a Fine-Grained Audit Policy
    • Dropping a Fine-Grained Audit Policy
  • Tutorial: Adding an Email Alert to a Fine-Grained Audit Policy
    • About This Tutorial
    • Step 1: Install and Configure the UTL_MAIL PL/SQL Package
    • Step 2: Create User Accounts
    • Step 3: Configure an Access Control List File for Network Services
    • Step 4: Create the Email Security Alert PL/SQL Procedure
    • Step 5: Create and Test the Fine-Grained Audit Policy Settings
    • Step 6: Test the Alert
    • Step 7: Remove the Components for This Tutorial
  • Tutorial: Auditing Nondatabase Users
    • About This Tutorial
    • Step 1: Create the User Account and Ensure the User HR Is Active
    • Step 2: Create the Fine-Grained Audit Policy
    • Step 3: Test the Policy
    • Step 4: Remove the Components for This Tutorial
• Auditing SYS Administrative Users
  • Auditing User SYSTEM
  • Auditing User SYS and Users Who Connect as SYSDBA and SYSOPER
• Using Triggers to Write Audit Data to a Separate Table
• Managing Audit Trail Records
  • About Audit Records
  • Managing the Database Audit Trail
    • Database Audit Trail Contents
    • Controlling the Size of the Database Audit Trail
    • Moving the Database Audit Trail to a Different Tablespace
    • Auditing the Database Audit Trail
    • Archiving the Database Audit Trail
  • Managing the Operating System Audit Trail
    • If the Operating System Audit Trail Becomes Full
    • Setting the Size of the Operating System Audit Trail
    • Setting the Age of the Operating System Audit Trail
    • Archiving the Operating System Audit Trail
• Purging Audit Trail Records
  • About Purging Audit Trail Records
  • Selecting an Audit Trail Purge Method
  • Scheduling an Automatic Purge Job for the Audit Trail
    • Step 1: If Necessary, Tune Online and Archive Redo Log Sizes
    • Step 2: Plan a Timestamp and Archive Strategy
    • Step 3: Initialize the Audit Trail Cleanup Operation
    • Step 4: Optionally, Set an Archive Timestamp for Audit Records
    • Step 5: Create and Schedule the Purge Job
    • Step 6: Optionally, Configure the Audit Trail Records to be Deleted in Batches
  • Manually Purging the Audit Trail
  • Purging a Subset of Records from the Database Audit Trail
  • Other Audit Trail Purge Operations
    • Verifying That the Audit Trail Is Initialized for Cleanup
    • Setting the Default Audit Trail Purge Interval for Any Audit Trail Type
    • Cancelling the Initialization Cleanup Settings
    • Enabling or Disabling an Audit Trail Purge Job
    • Setting the Default Audit Trail Purge Job Interval for a Specified Purge Job
    • Deleting an Audit Trail Purge Job
    • Clearing the Archive Timestamp Setting
    • Clearing the Database Audit Trail Batch Size
  • Example: Directly Calling a Database Audit Trail Purge Operation
• Finding Information About Audited Activities
  • Using Data Dictionary Views to Find Information About the Audit Trail
  • Using Audit Trail Views to Investigate Suspicious Activities
    • Listing Active Statement Audit Options
    • Listing Active Privilege Audit Options
    • Listing Active Object Audit Options for Specific Objects
    • Listing Default Object Audit Options
    • Listing Audit Records
    • Listing Audit Records for the AUDIT SESSION Option
  • Deleting the Audit Trail Views

10 Keeping Your Oracle Database Secure

• About the Security Guidelines in This Chapter
• Downloading Security Patches and Contacting Oracle Regarding Vulnerabilities
  • Applying Security Patches and Workaround Solutions
  • Contacting Oracle Security Regarding Vulnerabilities in Oracle Database
• Guidelines for Securing User Accounts and Privileges
• Guidelines for Securing Roles
• Guidelines for Securing Passwords
• Guidelines for Securing Data
• Guidelines for Securing the ORACLE_LOADER Access Driver
• Guidelines for Securing a Database Installation and Configuration
• Guidelines for Securing the Network
  • Securing the Client Connection
  • Securing the Network Connection
  • Securing a Secure Sockets Layer Connection
• Guidelines for Auditing
  • Auditing Sensitive Information
  • Keeping Audited Information Manageable
  • Auditing Typical Database Activity
  • Auditing Suspicious Database Activity
  • Recommended Audit Settings
• Addressing the CONNECT Role Change
  • Why Was the CONNECT Role Changed?
  • How the CONNNECT Role Change Affects Applications
    • How the CONNECT Role Change Affects Database Upgrades
    • How the CONNECT Role Change Affects Account Provisioning
    • How the CONNECT Role Change Affects Applications Using New Databases
  • How the CONNECT Role Change Affects Users
    • How the CONNECT Role Change Affects General Users
    • How the CONNECT Role Change Affects Application Developers
    • How the CONNECT Role Change Affects Client Server Applications
  • Approaches to Addressing the CONNECT Role Change
    • Approach 1: Create a New Database Role
    • Approach 2: Restore CONNECT Privileges
    • Approach 3: Conduct Least Privilege Analysis

Glossary

Index