| |
| |
Foreword | |
| |
| |
Acknowledgments | |
| |
| |
Introduction | |
| |
| |
| |
Quick Start | |
| |
| |
| |
General Security Best Practices | |
| |
| |
Security Policies | |
| |
| |
Different Policies for Different Needs | |
| |
| |
Understanding Security Requirements | |
| |
| |
Policy Creation | |
| |
| |
Practical Policies | |
| |
| |
The Tenets of Security | |
| |
| |
Security by Design | |
| |
| |
Defense in Depth | |
| |
| |
Least Privileges | |
| |
| |
Risk Analysis | |
| |
| |
Document Your Risk Analysis | |
| |
| |
Expect the Unexpected | |
| |
| |
Contingency Planning and Incident Response | |
| |
| |
Snapshots and Situational Awareness | |
| |
| |
Cover All the Areas | |
| |
| |
Hardening the Infrastructure | |
| |
| |
The Operating System | |
| |
| |
The Network | |
| |
| |
The Application Server | |
| |
| |
| |
Securing the Database | |
| |
| |
Securing (Default) User Accounts | |
| |
| |
Lock Down Example | |
| |
| |
Throw Out Anything Stale | |
| |
| |
Oracle Passwords | |
| |
| |
Application Password Authentication Using Oracle's Native Password Store | |
| |
| |
Checking for Weak or Default Passwords | |
| |
| |
Impossible Passwords | |
| |
| |
Managing and Ensuring Good Passwords | |
| |
| |
Limiting Database Resources | |
| |
| |
Resource Limits | |
| |
| |
Default Roles | |
| |
| |
Connect | |
| |
| |
Resource | |
| |
| |
DBA | |
| |
| |
Public Privileges | |
| |
| |
When to Grant Privileges to Public | |
| |
| |
Oracle Supplied Objects | |
| |
| |
Securing the Network | |
| |
| |
Encryption | |
| |
| |
Database Listener | |
| |
| |
| |
Identification and Authentication | |
| |
| |
| |
Understanding Identification and Authentication | |
| |
| |
Importance of Identification and Authentication | |
| |
| |
Identification Methods | |
| |
| |
User-Supplied Identification | |
| |
| |
Technological Identification | |
| |
| |
Identity Crisis | |
| |
| |
Spoofing | |
| |
| |
Identity Theft | |
| |
| |
Authentication | |
| |
| |
Methods | |
| |
| |
Best Practices for Secure Authentication | |
| |
| |
Single Sign-On | |
| |
| |
Why Single Sign-On Exists | |
| |
| |
Challenges to Single Sign-On | |
| |
| |
Database I&A | |
| |
| |
Associating Users with Database Schemas | |
| |
| |
Separate Users and Data | |
| |
| |
Identity Preservation | |
| |
| |
Determining the Appropriate Level of I&A | |
| |
| |
| |
Connection Pools and Proxy Authentication | |
| |
| |
Heritage | |
| |
| |
Host-Based Identification and Authentication | |
| |
| |
Client-Server Identification and Authentication | |
| |
| |
Web Applications | |
| |
| |
The Stateless Environment | |
| |
| |
Web Databases | |
| |
| |
Connection Pools | |
| |
| |
Oracle Implicit Connection Cache | |
| |
| |
Security Risks | |
| |
| |
Session Pools and the Oracle OCI Connection Pool | |
| |
| |
OCI Connection Pool Example | |
| |
| |
Password Management Risk | |
| |
| |
Proxy Authentication | |
| |
| |
Proxy Example | |
| |
| |
Proxy Authentication Database Setup | |
| |
| |
Proxy Authentication Modes | |
| |
| |
Forcing Proxy Authentication | |
| |
| |
| |
Identity Management and Enterprise Users | |
| |
| |
Identity Management | |
| |
| |
Directory Services | |
| |
| |
IM Components | |
| |
| |
Oracle Internet Directory (OiD) | |
| |
| |
Enterprise Users | |
| |
| |
History | |
| |
| |
Setting Up EUS | |
| |
| |
LDAP Setup | |
| |
| |
Database Setup | |
| |
| |
Applying EUS | |
| |
| |
Creating the Enterprise User | |
| |
| |
The Connection Process | |
| |
| |
User-Schema Mappings | |
| |
| |
Creating the Shared Schemas | |
| |
| |
Directory Mappings | |
| |
| |
Mapping Permutations Example | |
| |
| |
Exclusive Schemas | |
| |
| |
Considerations | |
| |
| |
Single Credentials and Performance | |
| |
| |
Dependencies | |
| |
| |
| |
Identification and Authentication for Web Applications | |
| |
| |
Application Processes for Identification and Authentication | |
| |
| |
Integrated Authentication | |
| |
| |
Creating the Application User | |
| |
| |
Connecting the Application User to the Database | |
| |
| |
Getting the User Identity | |
| |
| |
Database Account Setup | |
| |
| |
User Database Account(s) | |
| |
| |
Authentication Blueprint | |
| |
| |
Performance | |
| |
| |
Proxy Authentication Alternatives | |
| |
| |
Application Directed Security | |
| |
| |
Application User Proxy--Client Identifiers | |
| |
| |
Leveraging Database Security with Anonymous Connection Pools | |
| |
| |
Identifying Information | |
| |
| |
| |
Authorizations and Auditing | |
| |
| |
| |
Privileges and Roles | |
| |
| |
Access Control, Authorizations, and Privileges | |
| |
| |
Access Control | |
| |
| |
Enforcing Access Control | |
| |
| |
Authorizations | |
| |
| |
Privileges | |
| |
| |
System Privileges | |
| |
| |
Object Privileges | |
| |
| |
Synonyms | |
| |
| |
System and Object Privileges Together | |
| |
| |
Privilege Persistence | |
| |
| |
Roles | |
| |
| |
Role Hierarchies | |
| |
| |
Designing for Definer and Invoker Rights | |
| |
| |
Selective Privilege Enablement | |
| |
| |
Selective Privilege Use Cases | |
| |
| |
Password-Protected Roles | |
| |
| |
Password-Protected Role Example | |
| |
| |
Password-Protected Roles and Proxy Authentication | |
| |
| |
Challenges to Securing the Password | |
| |
| |
Secure Application Roles | |
| |
| |
Secure Application Role Example | |
| |
| |
Global Roles and Enterprise Roles | |
| |
| |
Creating and Assigning Global and Enterprise Roles | |
| |
| |
Combining Standard and Global/Enterprise Roles | |
| |
| |
Using Roles Wisely | |
| |
| |
Too Many Roles | |
| |
| |
Naming | |
| |
| |
Dependencies | |
| |
| |
Example--Putting the Pieces Together | |
| |
| |
Application Authentication | |
| |
| |
Verifying the User | |
| |
| |
Setting the Secure Application Role | |
| |
| |
Securing the Source | |
| |
| |
| |
Effective Auditing for Accountability | |
| |
| |
The Security Cycle | |
| |
| |
Auditing for Accountability | |
| |
| |
Auditing Provides the Feedback Loop | |
| |
| |
Auditing Is Not Overhead | |
| |
| |
Audit Methods | |
| |
| |
Application Server Logs | |
| |
| |
Application Auditing | |
| |
| |
Application Audit Example | |
| |
| |
Trigger Auditing | |
| |
| |
Trigger Audit Example | |
| |
| |
Autonomous Transactions and Auditing | |
| |
| |
Data Versioning | |
| |
| |
Flashback Version Query | |
| |
| |
Flashback Transaction Query | |
| |
| |
Standard Database Auditing | |
| |
| |
Mandatory Auditing | |
| |
| |
Auditing SYS | |
| |
| |
Enabling Standard Auditing | |
| |
| |
Auditing By User, Privilege, and Object | |
| |
| |
Auditing Best Practices | |
| |
| |
Determining the Audit Status | |
| |
| |
Extending the Audit Data with Client Identifiers | |
| |
| |
Performance Test | |
| |
| |
Caveats | |
| |
| |
Fine-Grained Auditing | |
| |
| |
Audit Conditions | |
| |
| |
Column Sensitivity | |
| |
| |
Capturing SQL | |
| |
| |
Acting on the Audit | |
| |
| |
Caveats | |
| |
| |
| |
Fine-Grained Access Control | |
| |
| |
| |
Application Contexts for Security and Performance | |
| |
| |
Application Context | |
| |
| |
Default Userenv Context | |
| |
| |
Local Context | |
| |
| |
Creating an Application Context | |
| |
| |
Setting Context Attributes and Values | |
| |
| |
Applying the Application Context to Security | |
| |
| |
Secure Use | |
| |
| |
Common Mistakes | |
| |
| |
Global Context | |
| |
| |
Uses | |
| |
| |
Examples | |
| |
| |
External and Initialized Globally | |
| |
| |
| |
Implementing Fine-Grained Access Controls with Views | |
| |
| |
Introduction to Fine-Grained Access | |
| |
| |
Object Access | |
| |
| |
Fine-Grained Access | |
| |
| |
Secure Views | |
| |
| |
Views for Column-Level Security | |
| |
| |
Views for Row-Level Security | |
| |
| |
Viewing Problems | |
| |
| |
| |
Row-Level Security with Virtual Private Database | |
| |
| |
The Need for Virtual Private Databases | |
| |
| |
Row-Level Security Quick Start | |
| |
| |
Quick Start Example | |
| |
| |
RLS In-Depth | |
| |
| |
Benefits | |
| |
| |
Setup | |
| |
| |
The RLS Layer of Security | |
| |
| |
RLS Exemption | |
| |
| |
Debugging RLS Policies | |
| |
| |
Partitioned Fine-Grained Access Control | |
| |
| |
Column Sensitive VPD | |
| |
| |
VPD Performance | |
| |
| |
Bind Variables | |
| |
| |
Code Location | |
| |
| |
Policy Caching | |
| |
| |
Caching Caution | |
| |
| |
Comparing VPD Performance to View-Based RLS | |
| |
| |
| |
Oracle Label Security | |
| |
| |
Classifying Data | |
| |
| |
OLS Ancestry | |
| |
| |
Labels and Mandatory Access Control | |
| |
| |
Trusted Oracle | |
| |
| |
Oracle Label Security | |
| |
| |
How OLS Works | |
| |
| |
Installing OLS | |
| |
| |
Implementing Label Security | |
| |
| |
Label Example | |
| |
| |
Creating the Policy | |
| |
| |
Label Components | |
| |
| |
Levels | |
| |
| |
Creating Labels | |
| |
| |
Applying the Policy | |
| |
| |
Authorizing Access | |
| |
| |
Testing the Labels | |
| |
| |
Special OLS Privileges | |
| |
| |
Compartments | |
| |
| |
Adding Data to OLS Protected Tables | |
| |
| |
Groups | |
| |
| |
Using the Default Session Label | |
| |
| |
Comparing the Labels | |
| |
| |
Hiding the Label | |
| |
| |
Changing the Hidden Status | |
| |
| |
Writing to OLS Protected Tables | |
| |
| |
Understanding Write Authorizations | |
| |
| |
Groups and Compartments Dependency | |
| |
| |
Tips and Tricks | |
| |
| |
Restricted Updates to the Labels | |
| |
| |
Trusted Procedures | |
| |
| |
Label Functions | |
| |
| |
Storing the Labels in OID | |
| |
| |
Using Labels with Connection Pools and Shared Schemas | |
| |
| |
OLS Consideration Factors | |
| |
| |
VPD Versus Label Security | |
| |
| |
Advantages of OLS | |
| |
| |
Advantages of VPD | |
| |
| |
VPD and OLS | |
| |
| |
| |
Database Encryption | |
| |
| |
Encryption 101 | |
| |
| |
The Basics | |
| |
| |
Encryption Choices | |
| |
| |
When to Use Database Encryption | |
| |
| |
Reasons Not to Encrypt | |
| |
| |
Reasons to Encrypt | |
| |
| |
DBMS_CRYPTO | |
| |
| |
Encryption Routines | |
| |
| |
DBMS_CRYPTO Simple Example | |
| |
| |
DATA_CRYPTO Package | |
| |
| |
Encryption Examples | |
| |
| |
Encrypting Character, Numbers, and Dates | |
| |
| |
Encrypting CLOBs and BLOBs | |
| |
| |
Encryption In-Depth | |
| |
| |
Keys, Data, and IVs | |
| |
| |
Storing Encrypted Data | |
| |
| |
Encrypted Data Sizes | |
| |
| |
Hashing | |
| |
| |
DBMS_CRYPTO Hashing | |
| |
| |
Message Authentication Codes | |
| |
| |
Performance | |
| |
| |
Key Management | |
| |
| |
Key Management Options | |
| |
| |
The Best Key Management Strategy | |
| |
| |
| |
Appendixes | |
| |
| |
| |
Setting Up the Security Manager | |
| |
| |
| |
DATA_CRYPTO Package | |
| |
| |
| |
DBMS_CRYPTO Performance Test Results | |
| |
| |
Index | |