A Practical Guide
Nikos Plevris
Principal Service Delivery Manager
Agenda
• Security considerations
• Database level Authentication
• eBS level Authentication
• Auditing
• Summary
• Q&A
Security balance
• Risk of exposure
• Cost of security
• Value of information protected
The multi-tier environment
[Architecture diagram: desktop tier, application tier and database tier. Component labels: Web Browser, Jinit, Apache, Mod_plsql, Jserver, iAS, Forms, Reports, Designer, Concurrent Managers, APPL_TOP, Tools, RDBMS, TNS Listener, RAC, ORACLE_HOME]
Security levels
• Across tiers
• Client
• Middle tier
• Db tier
• Across categories
• Hardening
• Network
• Authentication
• Authorization
• Audit
Security levels
• Across tiers
• Client
• Middle tier
• Db tier
• Across categories
• Hardening
• Network
• Authentication: Covers account management, password management and other account related activities.
• Authorization
• Audit
Security Considerations
Database level Authentication (1)
• Database Tier
• REMOTE_OS_AUTHENT=FALSE
• REMOTE_OS_ROLES=FALSE
• Db Profiles for password management
• FAILED_LOGIN_ATTEMPTS UNLIMITED
• PASSWORD_LIFE_TIME UNLIMITED
• PASSWORD_REUSE_TIME 180
• PASSWORD_REUSE_MAX UNLIMITED
• PASSWORD_LOCK_TIME UNLIMITED
• PASSWORD_GRACE_TIME UNLIMITED
• PASSWORD_VERIFY_FUNCTION Recommended
• _TRACE_FILES_PUBLIC=FALSE
• Limit file access from PL/SQL – Avoid UTL_FILE_DIR = *
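A check for the init.ora settings on this slide, as an added example that is not part of the original presentation. The function names and the sample file are constructed for illustration; it assumes a plain-text parameter file and covers only the parameters the slide gives explicit values for.

```python
# Parameters the slide sets to FALSE.
REQUIRED_FALSE = ("remote_os_authent", "remote_os_roles", "_trace_files_public")

def parse_init_ora(text):
    """Return {parameter: [values]} from init.ora-style text."""
    params = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if "=" not in line:
            continue
        name, value = line.split("=", 1)
        # Names are case-insensitive; a pfile created from an spfile
        # prefixes them with "*." or "<sid>.".
        name = name.strip().lower().split(".")[-1]
        for item in value.split(","):            # comma-separated lists
            item = item.strip().strip("'\"")
            if item:
                params.setdefault(name, []).append(item)
    return params

def check_auth_settings(text):
    """Return a list of (parameter, problem) findings."""
    params = parse_init_ora(text)
    findings = []
    for name in REQUIRED_FALSE:
        values = params.get(name)
        if values is None:
            findings.append((name, "not set in file; confirm the running value"))
        # Assumption: when a parameter is repeated, the last value is used.
        elif values[-1].upper() != "FALSE":
            findings.append((name, "set to %s, expected FALSE" % values[-1]))
    if "*" in params.get("utl_file_dir", []):
        findings.append(("utl_file_dir", "wildcard * opens every directory to UTL_FILE"))
    return findings

# Constructed sample, not taken from a real system.
SAMPLE = """\
# init.ora excerpt
*.remote_os_authent=TRUE
remote_os_roles = false      # matches the slide
utl_file_dir = /usr/tmp, '*'
"""

if __name__ == "__main__":
    for name, problem in check_auth_settings(SAMPLE):
        print("%-22s %s" % (name, problem))
```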
Database level Authentication (2)
• Or remove schemas
eBS level Authentication (1)
Audit (1)
• Focus on Authentication
• Proactive password & account management
• At db and eBS level
• Auditing
• Reactive
Q&A