Professional Documents
Culture Documents
Agenda: Oracle Database Security Oracle Database Security
Agenda: Oracle Database Security Oracle Database Security
Agenda
Control
3 4
Control
5 6
1
21/09/2011
Potential Risks
Oracle Database Security Oracle Database Security
Vulnerabilities Vulnerabilities 1. How do you consolidate
audit data from different
Potential Risks databases?
User A User C User A User C
User B User B
Control
Application Application
2. How do you enforce fine- 3. How do you perform
Network
Administrator <E> grained access? E.g. user Network
Administrator <E> audit reporting for
Database A can view customer data Database compliance purpose?
DBA
HR Finance Customer <M> Dev/ Developers from east region while
DBA
HR Finance Customer <M> Dev/ Developers
Test Testers user B is restricted to Test Testers
Centralized Auditors
Optimization & maintenance customer data from west Optimization & maintenance
Audit Separation of duties
region? Repository
Audit
Administrator
7 8
Control
Audit Audit
Repository
Separation of duties
Vault
Repository
Separation of duties
Audit Audit
Administrator Administrator
Sysadmin Sysadmin
Advanced Security ESecure
Offsite Location Offsite Location
E E E E E
E Internal / (TDE / TE) Backup E Internal /
Transportation External Transportation External
Provider Party Provider Party
9 10
Identity Management
Network Security
Network Security
Data Security
Control and Management
External External
Firewalls DMZ Firewalls DMZ
Connectivity Connectivity
Components
Data Data
Encryption Cryptography Encryption Cryptography
Classification Classification
11 12
2
21/09/2011
Access Manager
Identity Analytics
Operational Manageability
‘Cloned’
Database
LNAME SSN SALARY
���������
3
���������������������������������������������������������������������������
���������������������������������������������������������������������������������
�����������������������������������������������������