Professional Documents
Culture Documents
3
Oracle Database Security
Defense-in-Depth Encryption and Masking
• Oracle Advanced Security
• Oracle Secure Backup
• Oracle Data Masking
Access Control
• Oracle Database Vault
• Oracle Label Security
Auditing and Monitoring
• Oracle Audit Vault
• Oracle Configuration Management
• Oracle Total Recall
4 4
Oracle Advanced Security
Transparent Data Encryption (TDE)
Disk
Backups
Exports
Application
Off-Site
Facilities
5 5
Oracle Advanced Security
Key Features
Hardware
Security
Module
Strong Network
Authentication Encryption
Master Key
Oracle Wallet
Encrypted
Exports
6 6
Oracle Advanced Security
Creating Encrypted Tablespaces
7 7
Oracle Advanced Security
Configuring TDE Column Encryption
8 8
Robert Morris University Presentation
9
About Robert Morris University
Pittsburgh 1921
5000 | 15:1
Students from nearly
every state and 40
countries from Brazil to
Vietnam.
93 percent of our
graduates get jobs in
their field within six
The "Financier of the American
months of graduation
Revolution." He isn’t as famous as his
friend George Washington, but without
D-1 Sports
Robert Morris, the American colonies’ bold
attempt to throw off British rule never
could have succeeded.
IT Sec at RMU
IT Team of 20 The mission of RMU's Information
Security team is to deliver an
Security Team of 2 information security program that
With a tight budget
helps to safeguard the University's
information and assets while
maintaining an open educational
environment that is compliant with
regulatory standards.
To accomplish this mission, the
Information Security team has many
goals including assess current policies
and procedures, develop new policies to
protect University resources, assist in
establishing and strengthening
technical baselines to protect university
technical assets, react to incidents that
endanger the Institute's information,
proactively assess and monitor for
possible security weaknesses, and
educate the University community
about relevant security threats.
IT Sec at RMU
Many Responsibilities Including:
Information Security
• Security Assessments
• Intrusion Analysis
• Secure Network Design
• Incident Response
• Firewall Architectures
• Vulnerability Assessment
• Training/Instruction
• Policy Development
• Records Retention
• Change Management
• Negotiations /Procurement
• Computer Forensics
• Data Loss Prevention
• Encryption
• Web Application Security
• Database Security
• Audit/Compliance
• End Point Security
• Patch Management
• Network Access Control
• Antivirus/Anti-Spyware
• Content Management
• SIEM
Threats
against RMU
Hackers
Insiders
Week 1, 2 days:
SSCP kickoff meeting : Overview of network encryption and TDE
Identified application data to be encrypted
Ran healthcheck script in upgrade environment
Create initial draft of TDE tablespace encryption functional use cases
Week 2, 2 days:
Deployed TDE tablespace encryption in upgrade environment
Performed use case testing of TDE tablespace encryption
Week 3, 4 days:
Complete deployment of TDE tablespace encryption
Deploy network encryption in upgrade environment
Perform use case testing of network encryption
Knowledge transfer sessions
Performance Testing
identified a set of five core test test queries was to take event
10046 level 12 SQL traces within
application queries that would
SQL Plus using the procedure
be tested and performance DBMS_SYSTEM.SET_EV,
compared across the followed by running each
configurations: generated tracefile through
student registration via Patriot TKPROF.
client The level 12 SQL traces were
checksheet batch processing performed in each of the three
IRSE load processing test configurations.
nightly processing
catalog course search
Performance Testing Results (secs)
Where We Are Going
What is the Security Pack?
24 24
More Oracle Database Security Presentations
• Monday:
– 12:30 pm: Making a Business Case for Information Security MS 300
– 3:30 pm: Oracle Database 11g Release 2 Security: Defense-in-Depth
MS 103
• Tuesday:
– 12:30 pm: Real-World Deployment and Best Practices : Oracle Audit Vault MS 104
– 2:00 pm: Real-World Deployment and Best Practices : Oracle Advanced Security MS 300
– 3:30 pm: Database Security Event Management : Oracle Audit Vault and ArcSight MS 300
– 5:00 pm: Real-World Deployment and Best Practices :Oracle Database Vault MS 303
• Wednesday:
– 10:00 am: Protect Data and Save Money: Aberdeen MS 306
– 11:30 am: Preventing Database Attacks With Oracle Database Firewall MS 306
– 4:45 pm: Centralized Key Management and Performance :Oracle Advanced Security MS 306
• Thursday:
– 10:30 am: Deploying Oracle Database 11g Securely on Oracle Solaris
MS 104
MS = Moscone South
25
Oracle Database Security Hands-on-Labs
• Monday:
– Database Vault 11:00AM | Marriott Marquis, Salon 10 / 11 Check Availability
– Database Vault 5:00PM | Marriott Marquis, Salon 10 / 11 Check Availability
• Tuesday:
– Database Security 11:00AM | Marriott Marquis, Salon 10 / 11 Check Availability
• Thursday
– Advanced Security 12:00PM | Marriott Marquis, Salon 10 / 11 Check Availability
– Audit Vault 1:30PM | Marriott Marquis, Salon 10 / 11 Check Availability
26
Oracle Database Security Demo Grounds
Moscone West
Exhibition Hours
Monday, September 20 9:45 a.m. - 5:30 p.m.
Tuesday, September 21 9:45 a.m. - 5:30 p.m.
Wednesday, September 22 9:00 a.m. - 4:00 p.m.
27
For More Information
search.oracle.com
database security
oracle.com/database/security
28 28
Q&
A
29 29