Contents
- Audience
- Documentation Accessibility
- Organization
- Related Documentation
- Conventions
- New Features in Virtual Private Database
- New Features in Auditing
- New PL/SQL Encryption Package: DBMS_CRYPTO
- 1.1 Identity Management: Security in Complex, High-Volume Environments
- 1.1.1 Desired Benefits of Identity Management
- 1.1.2 Components of Oracle Identity Management Infrastructure
 
- 2.1 Physical Access Control Checklist
- 2.2 Personnel Checklist
- 2.3 Secure Installation and Configuration Checklist
- 2.4 Networking Security Checklists
- 2.4.1 SSL Checklist
- 2.4.2 Client Checklist
- 2.4.3 Listener Checklist
- 2.4.4 Network Checklist
 
- 3.1 Introduction to Database Security Policies
- 3.1.1 Security Threats and Countermeasures
- 3.1.2 What Information Security Policies Can Cover
 
- 3.2 Recommended Application Design Practices to Reduce Risk
- 3.2.1 Tip 1: Enable and Disable Roles Promptly
- 3.2.2 Tip 2: Encapsulate Privileges in Stored Procedures
- 3.2.3 Tip 3: Use Role Passwords Unknown to the User
- 3.2.4 Tip 4: Use Proxy Authentication and a Secure Application Role
- 3.2.5 Tip 5: Use Secure Application Roles to Verify IP Address
- 3.2.6 Tip 6: Use Application Context and Fine-Grained Access Control
 
- 4.1 Authentication by the Operating System
- 4.2 Authentication by the Network
- 4.2.1 Authentication Using SSL
- 4.2.2 Authentication Using Third-Party Services
- 4.2.2.1 Kerberos Authentication
- 4.2.2.2 PKI-Based Authentication
- 4.2.2.3 Authentication with RADIUS
- 4.2.2.4 Directory-Based Services
 
 
- 4.3 Authentication by Oracle Database
- 4.3.1 Password Encryption While Connecting
- 4.3.2 Account Locking
- 4.3.3 Password Lifetime and Expiration
- 4.3.4 Password History
- 4.3.5 Password Complexity Verification
 
- 4.4 Multitier Authentication and Authorization
- 4.4.1 Clients, Application Servers, and Database Servers
- 4.4.2 Security Issues for Middle-Tier Applications
- 4.4.3 Identity Issues in a Multitier Environment
- 4.4.4 Restricted Privileges in a Multitier Environment
- 4.4.4.1 Client Privileges
- 4.4.4.2 Application Server Privileges
 
 
- 4.5 Authentication of Database Administrators
- 5.1 Introduction to Privileges
- 5.1.1 System Privileges
- 5.1.1.1 Granting and Revoking System Privileges
- 5.1.1.2 Who Can Grant or Revoke System Privileges?
 
- 5.1.2 Schema Object Privileges
- 5.1.2.1 Granting and Revoking Schema Object Privileges
- 5.1.2.2 Who Can Grant Schema Object Privileges?
- 5.1.2.3 Using Privileges with Synonyms
 
- 5.1.3 Table Privileges
- 5.1.3.1 DML Operations
- 5.1.3.2 DDL Operations
 
- 5.1.4 View Privileges
- 5.1.4.1 Privileges Required to Create Views
- 5.1.4.2 Increasing Table Security with Views
 
- 5.1.5 Procedure Privileges
- 5.1.5.1 Procedure Execution and Security Domains
- 5.1.5.2 System Privileges Needed to Create or Alter a Procedure
- 5.1.5.3 Packages and Package Objects
 
- 5.1.6 Type Privileges
- 5.1.6.1 System Privileges for Named Types
- 5.1.6.2 Object Privileges
- 5.1.6.3 Method Execution Model
- 5.1.6.4 Privileges Required to Create Types and Tables Using Types
- 5.1.6.5 Example of Privileges for Creating Types and Tables Using Types
- 5.1.6.6 Privileges on Type Access and Object Access
- 5.1.6.7 Type Dependencies
 
 
- 5.2 Introduction to Roles
- 5.2.1 Properties of Roles
- 5.2.2 Common Uses of Roles
- 5.2.2.1 Application Roles
- 5.2.2.2 User Roles
 
- 5.2.3 Granting and Revoking Roles
- 5.2.3.1 Who Can Grant or Revoke Roles?
 
- 5.2.4 Security Domains of Roles and Users
- 5.2.5 PL/SQL Blocks and Roles
- 5.2.5.1 Named Blocks with Definer's Rights
- 5.2.5.2 Anonymous Blocks with Invoker's Rights
 
- 5.2.6 DDL Statements and Roles
- 5.2.7 Predefined Roles
- 5.2.8 Operating System and Roles
- 5.2.9 Roles in a Distributed Environment
- 5.2.10 Secure Application Roles
- 5.2.10.1 Creation of Secure Application Roles
 
 
- 5.3 User Resource Limits
- 5.3.1 Types of System Resources and Limits
- 5.3.1.1 Session Level
- 5.3.1.2 Call Level
- 5.3.1.3 CPU Time
- 5.3.1.4 Logical Reads
- 5.3.1.5 Limiting Other Resources
 
 
- 5.4 Profiles
- 5.4.1 Determining Values for Resource Limits
 
- 6.1 Introduction to Views
- 6.2 Fine-Grained Access Control
- 6.2.1 Dynamic Predicates
- 6.2.2 Application Context
- 6.2.3 Dynamic Contexts
 
- 6.3 Security Followup: Auditing and Prevention
- 7.1 System Security Policy
- 7.1.1 Database User Management
- 7.1.2 User Authentication
- 7.1.3 Operating System Security
 
- 7.2 Data Security Policy
- 7.3 User Security Policy
- 7.3.1 General User Security
- 7.3.1.1 Password Security
- 7.3.1.2 Privilege Management
 
- 7.3.2 End-User Security
- 7.3.2.1 Using Roles for End-User Privilege Management
- 7.3.2.2 Using a Directory Service for End-User Privilege Management
 
- 7.3.3 Administrator Security
- 7.3.3.1 Protection for Connections as SYS and SYSTEM
- 7.3.3.2 Protection for Administrator Connections
- 7.3.3.3 Using Roles for Administrator Privilege Management
 
- 7.3.4 Application Developer Security
- 7.3.4.1 Application Developers and Their Privileges
- 7.3.4.2 Application Developer Environment: Test and Production Databases
- 7.3.4.3 Free Versus Controlled Application Development
- 7.3.4.4 Roles and Privileges for Application Developers
- 7.3.4.5 Space Restrictions Imposed on Application Developers
 
- 7.3.5 Application Administrator Security
 
- 7.4 Password Management Policy
- 7.4.1 Account Locking
- 7.4.2 Password Aging and Expiration
- 7.4.3 Password History
- 7.4.4 Password Complexity Verification
- 7.4.4.1 Password Verification Routine Formatting Guidelines
- 7.4.4.2 Sample Password Verification Routine
 
 
- 7.5 Auditing Policy
- 7.6 A Security Checklist
- 8.1 Auditing Types and Records
- 8.1.1 Audit Records and Audit Trails
- 8.1.1.1 Database Audit Trail (DBA_AUDIT_TRAIL)
- 8.1.1.2 Operating System Audit Trail
- 8.1.1.3 Syslog Audit Trail
- 8.1.1.4 Operating System and Syslog Audit Records
- 8.1.1.5 Records Always in the Operating System and Syslog Audit Trail
 
- 8.1.2 When Are Audit Records Created?
 
- 8.2 Statement Auditing
- 8.3 Privilege Auditing
- 8.4 Schema Object Auditing
- 8.4.1 Schema Object Audit Options for Views, Procedures, and Other Elements
 
- 8.5 Focusing Statement, Privilege, and Schema Object Auditing
- 8.5.1 Auditing Statement Executions: Successful, Unsuccessful, or Both
- 8.5.2 Number of Audit Records from Multiple Executions of a Statement
- 8.5.2.1 BY SESSION
- 8.5.2.2 BY ACCESS
 
- 8.5.3 Audit by User
 
- 8.6 Auditing in a Multitier Environment
- 8.7 Fine-Grained Auditing
- 9.1 How Does the External Password Store Work?
- 9.2 Configuring Clients to Use the External Password Store
- 9.3 Managing External Password Store Credentials
- 9.3.1 Listing External Password Store Contents
- 9.3.2 Adding Credentials to an External Password Store
- 9.3.3 Modifying Credentials in an External Password Store
- 9.3.4 Deleting Credentials from an External Password Store
 
- 10.1 User Authentication Methods
- 10.1.1 Database Authentication
- 10.1.1.1 Creating a User Who Is Authenticated by the Database
- 10.1.1.2 Advantages of Database Authentication
 
- 10.1.2 External Authentication
- 10.1.2.1 Creating a User Who Is Authenticated Externally
- 10.1.2.2 Operating System Authentication
- 10.1.2.3 Network Authentication
- 10.1.2.4 Advantages of External Authentication
 
- 10.1.3 Global Authentication and Authorization
- 10.1.3.1 Creating a User Who Is Authorized by a Directory Service
- 10.1.3.2 Advantages of Global Authentication and Global Authorization
 
- 10.1.4 Proxy Authentication and Authorization
- 10.1.4.1 Authorizing a Middle Tier to Proxy and Authenticate a User
- 10.1.4.2 Authorizing a Middle Tier to Proxy a User Authenticated by Other Means
 
 
- 11.1 Managing Oracle Users
- 11.1.1 Creating Users
- 11.1.1.1 Specifying a Name
- 11.1.1.2 Setting Up User Authentication
- 11.1.1.3 Assigning a Default Tablespace
- 11.1.1.4 Assigning Tablespace Quotas
- 11.1.1.5 Assigning a Temporary Tablespace
- 11.1.1.6 Specifying a Profile
- 11.1.1.7 Setting Default Roles
 
- 11.1.2 Altering Users
- 11.1.2.1 Changing User Authentication Mechanism
- 11.1.2.2 Changing User Default Roles
 
- 11.1.3 Dropping Users
 
- 11.2 Viewing Information About Database Users and Profiles
- 11.2.1 User and Profile Information in Data Dictionary Views
- 11.2.2 Listing All Users and Associated Information
- 11.2.3 Listing All Tablespace Quotas
- 11.2.4 Listing All Profiles and Assigned Limits
- 11.2.5 Viewing Memory Use for Each User Session
 
- 11.3 Managing Resources with Profiles
- 11.3.1 Dropping Profiles
 
- 11.4 Understanding User Privileges and Roles
- 11.4.1 System Privileges
- 11.4.1.1 Restricting System Privileges
- 11.4.1.2 Accessing Objects in the SYS Schema
 
- 11.4.2 Object Privileges
- 11.4.3 User Roles
 
- 11.5 Managing User Roles
- 11.5.1 Creating a Role
- 11.5.2 Specifying the Type of Role Authorization
- 11.5.2.1 Role Authorization by the Database
- 11.5.2.2 Role Authorization by an Application
- 11.5.2.3 Role Authorization by an External Source
- 11.5.2.4 Role Authorization by an Enterprise Directory Service
 
- 11.5.3 Dropping Roles
 
- 11.6 Granting User Privileges and Roles
- 11.6.1 Granting System Privileges and Roles
- 11.6.1.1 Granting the ADMIN OPTION
- 11.6.1.2 Creating a New User with the GRANT Statement
 
- 11.6.2 Granting Object Privileges
- 11.6.2.1 Specifying the GRANT OPTION
- 11.6.2.2 Granting Object Privileges on Behalf of the Object Owner
- 11.6.2.3 Granting Privileges on Columns
- 11.6.2.4 Row-Level Access Control
 
 
- 11.7 Revoking User Privileges and Roles
- 11.7.1 Revoking System Privileges and Roles
- 11.7.2 Revoking Object Privileges
- 11.7.2.1 Revoking Object Privileges on Behalf of the Object Owner
- 11.7.2.2 Revoking Column-Selective Object Privileges
- 11.7.2.3 Revoking the REFERENCES Object Privilege
 
- 11.7.3 Cascading Effects of Revoking Privileges
- 11.7.3.1 System Privileges
- 11.7.3.2 Object Privileges
 
 
- 11.8 Granting to and Revoking from the PUBLIC User Group
- 11.9 When Do Grants and Revokes Take Effect?
- 11.9.1 The SET ROLE Statement
- 11.9.2 Specifying Default Roles
- 11.9.3 Restricting the Number of Roles that a User Can Enable
 
- 11.10 Granting Roles Using the Operating System or Network
- 11.10.1 Using Operating System Role Identification
- 11.10.2 Using Operating System Role Management
- 11.10.3 Granting and Revoking Roles When OS_ROLES=TRUE
- 11.10.4 Enabling and Disabling Roles When OS_ROLES=TRUE
- 11.10.5 Using Network Connections with Operating System Role Management
 
- 11.11 Viewing Privilege and Role Information
- 11.11.1 Listing All System Privilege Grants
- 11.11.2 Listing All Role Grants
- 11.11.3 Listing Object Privileges Granted to a User
- 11.11.4 Listing the Current Privilege Domain of Your Session
- 11.11.5 Listing Roles of the Database
- 11.11.6 Listing Information About the Privilege Domains of Roles
 
- 12.1 Actions Audited by Default
- 12.2 Guidelines for Auditing
- 12.2.1 Keeping Audited Information Manageable
- 12.2.2 Auditing Normal Database Activity
- 12.2.3 Auditing Suspicious Database Activity
- 12.2.4 Auditing Administrative Users
- 12.2.5 Using Triggers
- 12.2.6 Deciding Whether to Use the Database or Operating System Audit Trail
 
- 12.3 What Information Is Contained in the Audit Trail?
- 12.3.1 Database Audit Trail Contents
- 12.3.2 Audit Information Stored in an Operating System File
 
- 12.4 Managing the Standard Audit Trail
- 12.4.1 Enabling and Disabling Standard Auditing
- 12.4.1.1 Setting the AUDIT_TRAIL Initialization Parameter
- 12.4.1.2 Specifying a Directory for the Operating System Auditing Trail
- 12.4.1.3 Specifying the Syslog Level
 
- 12.4.2 Standard Auditing in a Multitier Environment
- 12.4.3 Enabling Standard Auditing Options
- 12.4.3.1 Enabling Statement Auditing
- 12.4.3.2 Enabling Privilege Auditing
- 12.4.3.3 Enabling Object Auditing
- 12.4.3.4 Enabling Network Auditing
 
- 12.4.4 Disabling Standard Audit Options
- 12.4.4.1 Turning Off Statement and Privilege Auditing
- 12.4.4.2 Turning Off Object Auditing
- 12.4.4.3 Turning Off Network Auditing
 
- 12.4.5 Controlling the Growth and Size of the Standard Audit Trail
- 12.4.5.1 Purging Audit Records from the Audit Trail
- 12.4.5.2 Archiving Audit Trail Information
- 12.4.5.3 Reducing the Size of the Audit Trail
 
- 12.4.6 Protecting the Standard Audit Trail
- 12.4.7 Auditing the Standard Audit Trail
 
- 12.5 Viewing Database Audit Trail Information
- 12.5.1 Audit Trail Views
- 12.5.2 Using Audit Trail Views to Investigate Suspicious Activities
- 12.5.2.1 Listing Active Statement Audit Options
- 12.5.2.2 Listing Active Privilege Audit Options
- 12.5.2.3 Listing Active Object Audit Options for Specific Objects
- 12.5.2.4 Listing Default Object Audit Options
- 12.5.2.5 Listing Audit Records
- 12.5.2.6 Listing Audit Records for the AUDIT SESSION Option
 
- 12.5.3 Deleting the Audit Trail Views
- 12.5.4 The SYS.AUD$ Auditing Table: Example
 
- 12.6 Fine-Grained Auditing
- 12.6.1 Policies in Fine-Grained Auditing
- 12.6.1.1 Advantages of Fine-Grained Auditing over Triggers
- 12.6.1.2 Extensible Interface Using Event Handler Functions
- 12.6.1.3 Functions and Relevant Columns in Fine-Grained Auditing
- 12.6.1.4 Audit Records in Fine-Grained Auditing
- 12.6.1.5 NULL Audit Conditions
- 12.6.1.6 Defining FGA Policies
 
- 12.6.2 An Added Benefit to Fine-Grained Auditing
 
- 12.7 The DBMS_FGA Package
- 12.7.1 ADD_POLICY Procedure
- 12.7.1.1 Syntax
- 12.7.1.2 Parameters
- 12.7.1.3 Usage Notes
- 12.7.1.4 V$XML_AUDIT_TRAIL View
- 12.7.1.5 Examples
 
- 12.7.2 DISABLE_POLICY Procedure
- 12.7.2.1 Syntax
- 12.7.2.2 Parameters
 
- 12.7.3 DROP_POLICY Procedure
- 12.7.3.1 Syntax
- 12.7.3.2 Parameters
- 12.7.3.3 Usage Notes
 
- 12.7.4 ENABLE_POLICY Procedure
- 12.7.4.1 Syntax
- 12.7.4.2 Parameters
 
 
- 13.1 About Application Security Policies
- 13.2 Considerations for Using Application-Based Security
- 13.2.1 Are Application Users Also Database Users?
- 13.2.2 Is Security Enforced in the Application or in the Database?
 
- 13.3 Managing Application Privileges
- 13.4 Creating Secure Application Roles
- 13.4.1 An Example of Creating a Secure Application Role
 
- 13.5 Associating Privileges with User Database Roles
- 13.5.1 Using the SET ROLE Statement
- 13.5.2 Using the SET_ROLE Procedure
- 13.5.3 Examples of Assigning Roles with Static and Dynamic SQL
 
- 13.6 Protecting Database Objects by Using Schemas
- 13.6.1 Unique Schemas
- 13.6.2 Shared Schemas
 
- 13.7 Managing Object Privileges
- 13.7.1 What Application Developers Need to Know About Object Privileges
- 13.7.2 SQL Statements Permitted by Object Privileges
 
- 14.1 About Virtual Private Database, Fine-Grained Access Control, and Application Context
- 14.1.1 Introduction to VPD
- 14.1.1.1 Column-Level VPD
- 14.1.1.2 Column-Level VPD with Column-masking Behavior
- 14.1.1.3 VPD Security Policies and Applications
 
 
- 14.2 Introduction to Fine-Grained Access Control
- 14.2.1 Features of Fine-Grained Access Control
- 14.2.1.1 Security Policies Based on Tables, Views, and Synonyms
- 14.2.1.2 Multiple Policies for Each Table, View, or Synonym
- 14.2.1.3 Grouping of Security Policies
- 14.2.1.4 High Performance
- 14.2.1.5 Default Security Policies
 
- 14.2.2 About Creating a VPD Policy with Oracle Policy Manager
 
- 14.3 Introduction to Application Context
- 14.3.1 Features of Application Context
- 14.3.1.1 Specifying Attributes for Each Application
- 14.3.1.2 Providing Access to Predefined Attributes Through the USERENV Namespace
- 14.3.1.3 Externalized Application Contexts
 
- 14.3.2 Ways to Use Application Context with Fine-Grained Access Control
- 14.3.2.1 Secure Data Caching
- 14.3.2.2 Returning a Specific Predicate (Security Policy)
- 14.3.2.3 Providing Attributes Similar to Bind Variables in a Predicate
 
 
- 14.4 Introduction to Global Application Context
- 14.5 Enforcing Application Security
- 14.5.1 Use of Ad Hoc Tools: A Potential Security Problem
- 14.5.2 Restricting SQL*Plus Users from Using Database Roles
- 14.5.2.1 Limiting Roles Through PRODUCT_USER_PROFILE
- 14.5.2.2 Using Stored Procedures to Encapsulate Business Logic
- 14.5.2.3 Using VPD for Highest Security
 
- 14.5.3 VPD and Oracle Label Security Exceptions and Exemptions
 
- 14.6 User Models and VPD
- 15.1 About Using Application Context
- 15.2 Using Secure Session-Based Application Context
- 15.2.1 Task 1: Create a PL/SQL Package that Sets the Secure Context for Your Application
- 15.2.1.1 SYS_CONTEXT Syntax
- 15.2.1.2 SYS_CONTEXT Example
- 15.2.1.3 Using Dynamic SQL with SYS_CONTEXT
- 15.2.1.4 Using SYS_CONTEXT in a Parallel Query
- 15.2.1.5 Using SYS_CONTEXT with Database Links
 
- 15.2.2 Task 2: Create a Unique Secure Context and Associate It with the PL/SQL Package
- 15.2.3 Task 3: Set the Secure Context Before the User Retrieves Data
- 15.2.4 Task 4: Use the Secure Context in a VPD Policy Function
 
- 15.3 Examples: Secure Application Context Within a Fine-Grained Access Control Function
- 15.3.1 Example 1: Implementing the Policy
- 15.3.1.1 Step 1: Create a PL/SQL Package To Set the Secure Context for the Application
- 15.3.1.2 Step 2: Create a Secure Application Context
- 15.3.1.3 Step 3: Access the Secure Application Context Inside the Package
- 15.3.1.4 Step 4: Create the New Security Policy
 
- 15.3.2 Example 2: Controlling User Access with an Application
- 15.3.2.1 Step 1: Create a PL/SQL Package to Set the Secure Context
- 15.3.2.2 Step 2: Create the Secure Context and Associate It with the Package
- 15.3.2.3 Step 3: Create the Initialization Script for the Application
 
- 15.3.3 Example 3: Event Triggers, Secure Application Context, Fine-Grained Access Control, and Encapsulation of Privileges
 
- 15.4 Initializing Secure Application Context Externally
- 15.4.1 Obtaining Default Values from Users
- 15.4.2 Obtaining Values from Other External Resources
 
- 15.5 Initializing Secure Application Context Globally
- 15.5.1 Using Secure Application Context with LDAP
- 15.5.2 How Globally Initialized Secure Application Context Works
- 15.5.3 Example: Initializing Secure Application Context Globally
 
- 15.6 Using Client Session-Based Application Context
- 15.6.1 Setting a Value in CLIENTCONTEXT
- 15.6.2 Clearing a Particular Setting in CLIENTCONTEXT
- 15.6.3 Clearing all Settings in CLIENTCONTEXT
 
- 15.7 How to Use Global Application Context
- 15.7.1 Using the DBMS_SESSION Interface to Manage Application Context in Client Sessions
- 15.7.2 Examples: Global Application Context
- 15.7.2.1 Example 1: Global Application Context Process
- 15.7.2.2 Example 2: Global Application Context for Lightweight Users
 
 
- 15.8 How Fine-Grained Access Control Works
- 15.9 How to Establish Policy Groups
- 15.9.1 The Default Policy Group: SYS_DEFAULT
- 15.9.2 New Policy Groups
- 15.9.3 How to Implement Policy Groups
- 15.9.3.1 Step 1: Set Up a Driving Context
- 15.9.3.2 Step 2: Add a Policy to the Default Policy Group.
- 15.9.3.3 Step 3: Add a Policy to the HR Policy Group
- 15.9.3.4 Step 4: Add a Policy to the FINANCE Policy Group
 
- 15.9.4 Validating the Application Used to Connect to the Database
 
- 15.10 How to Add a Policy to a Table, View, or Synonym
- 15.10.1 DBMS_RLS.ADD_POLICY Procedure Policy Types
- 15.10.2 Optimizing Performance by Enabling Static and Context Sensitive Policies
- 15.10.2.1 About Static Policies
- 15.10.2.2 About Context-Sensitive Policies
 
- 15.10.3 Adding Policies for Column-Level VPD
- 15.10.3.1 Default Behavior
- 15.10.3.2 Column-masking Behavior
 
- 15.10.4 Enforcing VPD Policies on Specific SQL Statement Types
- 15.10.4.1 Enforcing Policies on Index Maintenance
 
 
- 15.11 How to Check for Policies Applied to a SQL Statement
- 15.12 Users Exempt from VPD Policies
- 15.12.1 SYS User Exempted from VPD Policies
- 15.12.2 EXEMPT ACCESS POLICY System Privilege
 
- 15.13 Automatic Reparse
- 15.14 VPD Policies and Flashback Query
- 16.1 Security Challenges of Three-Tier Computing
- 16.1.1 Who Is the Real User?
- 16.1.2 Does the Middle Tier Have Too Many Privileges?
- 16.1.3 How to Audit? Whom to Audit?
- 16.1.4 What Are the Authentication Requirements for Three-Tier Systems?
- 16.1.4.1 Client to Middle Tier Authentication
- 16.1.4.2 Middle Tier to Database Authentication
- 16.1.4.3 Client Reauthentication Through Middle Tier to Database
 
 
- 16.2 Oracle Database Solutions for Preserving User Identity
- 16.2.1 Proxy Authentication
- 16.2.1.1 Passing Through the Identity of the Real User by Using Proxy Authentication
- 16.2.1.2 Limiting the Privilege of the Middle Tier
- 16.2.1.3 Reauthenticating the User Through the Middle Tier to the Database
- 16.2.1.4 Auditing Actions Taken on Behalf of the Real User
- 16.2.1.5 Advantages of Proxy Authentication
 
- 16.2.2 Client Identifiers
- 16.2.2.1 Support for Application User Models by Using Client Identifiers
- 16.2.2.2 Using the CLIENT_IDENTIFIER Attribute to Preserve User Identity
- 16.2.2.3 Using CLIENT_IDENTIFIER Independent of Global Application Context
 
 
- 17.1 Securing Sensitive Information
- 17.2 Principles of Data Encryption
- 17.2.1 Principle 1: Encryption Does Not Solve Access Control Problems
- 17.2.2 Principle 2: Encryption Does Not Protect Against a Malicious DBA
- 17.2.3 Principle 3: Encrypting Everything Does Not Make Data Secure
 
- 17.3 Stored Data Encryption Using DBMS_CRYPTO
- 17.3.1 DBMS_CRYPTO Hashing and Encryption Capabilities
 
- 17.4 Data Encryption Challenges
- 17.4.1 Encrypting Indexed Data
- 17.4.2 Key Generation
- 17.4.3 Key Transmission
- 17.4.4 Key Storage
- 17.4.4.1 Storing the Keys in the Database
- 17.4.4.2 Storing the Keys in the Operating System
- 17.4.4.3 Users Managing Their Own Keys
- 17.4.4.4 Using Transparent Database Encryption
 
- 17.4.5 Changing Encryption Keys
- 17.4.6 BLOBS
 
- 17.5 Example of a Data Encryption Procedure
- 17.6 Example of AES 256-Bit Data Encryption and Decryption Procedures
- 17.7 Example of Encryption and Decryption Procedures for BLOB Data
- A.1 How Applications Are Affected
- A.1.1 Database Upgrade
- A.1.2 Account Provisioning
- A.1.3 Installation of Applications Using New Databases
 
- A.2 How Users Are Affected
- A.2.1 General Users
- A.2.2 Application Developers
- A.2.3 Client Server Applications
 
- A.3 Approaches to Addressing the CONNECT Role Change
- A.3.1 Approach 1 - Create a new database role
- A.3.2 Approach 2 - Restore CONNECT privileges
- A.3.2.1 New View Showing CONNECT Grantees
 
- A.3.3 Approach 3 - Conduct least privilege analysis
 
- B.1 Overview of the DBMS_SQLHASH Package
- B.2 The DBMS_SQLHASH.GETHASH Function
- B.2.1 Syntax
- B.2.2 Parameters