Packt+ | Advance your knowledge in tech

You're reading from Oracle Database 12c Security Cookbook

Product type Book

Published in Jun 2016

Publisher Packt

ISBN-13 9781782172123

Pages 388 pages

Edition 1st Edition

Languages

Concepts

Database Administration

Authors (2):

Zoran Pavlovic

Maja Veselica

View More author details

Table of Contents (18) Chapters

Oracle Database 12c Security Cookbook

Credits

About the Authors

About the Reviewers

www.PacktPub.com

Preface

1. Basic Database Security

2. Security Considerations in Multitenant Environment

3. PL/SQL Security

4. Virtual Private Database

5. Data Redaction

6. Transparent Sensitive Data Protection

7. Privilege Analysis

8. Transparent Data Encryption

9. Database Vault

10. Unified Auditing

11. Additional Topics

12. Appendix – Application Contexts

Preface

This book covers most of the Oracle Database 12c Security features and solutions that exist in Oracle Database 12c. Oracle Database 12c Security Cookbook will help you better understand database security challenges. It will guide you through the process of implementing appropriate security mechanisms, helping you to ensure that you are taking proactive steps to keep your data safe. Because the book features solutions for common security problems in the new Oracle Database 12c, it will make you confident about securing your database from a range of different threats and problems.

What this book covers

Chapter 1, Basic Database Security, introduces you to the different authentication methods supported by Oracle Database 12c and also provides a brief overview about creating and using database roles.

Chapter 2, Security Considerations in Multitenant Environment, focuses on some of the security considerations concerning common and local: users, roles, and privileges.

Chapter 3, PL/SQL Security, helps you understand the differences and usages of definer and invoker rights procedures as well as usages of code-based access control. It gives required information about authorization.

Chapter 4, Virtual Private Database, introduces you to the Oracle Virtual Private Database, which is a security feature introduced in Oracle Database 8i, which enables you to have a more granular control over security of your data.

Chapter 5, Data Redaction, introduces you to the new security feature Oracle Data Redaction, which helps you mask (hide/redact) some (sensitive) data from end users in a production environment.

Chapter 6, Transparent Sensitive Data Protection, teaches you ways to create classes of sensitive data and helps you gain more centralized control over how sensitive data is protected.

Chapter 7, Privilege Analysis, it shows how to create and enable privilege analysis policies. It also covers how to generate reports and revoke both used and unused Object/System privileges.

Chapter 8, Transparent Data Encryption, explains key concepts and tasks such as: two-key architecture, key management, message authentication code (MAC), salt, encrypting columns in a table, encrypting a tablespace, creating an encrypted RMAN backup, and so on.

Chapter 9, Database Vault, covers basic concepts of Oracle Database Vault. It teaches you how to create and appropriately use realms, rules, rule sets, command rules, factors, and secure application roles.

Chapter 10, Unified Auditing, introduces a new auditing architecture.

Chapter 11, Additional Topics, covers more advanced topics and teaches you how to perform everyday administration tasks in Database Vault environment.

Chapter 12, Appendix - Application Contexts, will cover how to retrieve values from built-in contexts and to create, set, and use an application context.

What you need for this book

Software required (with version)- Oracle Database 12c, Enterprise Manager Cloud Control 12c R4, Oracle Enterprise Manager Database Express 12c

Hardware specifications- OS required- Linux (Preferred Oracle Linux 6.5)

Who this book is for

This book is for DBAs, developers, and architects who are keen to know more about security in Oracle Database 12c. This book is best suited for beginners and intermediate-level database security practitioners. Basic knowledge of Oracle Database is expected, but no prior experience of securing a database is required.

Sections

In this book, you will find several headings that appear frequently (Getting ready, How to do it, How it works, There's more, and See also).

To give clear instructions on how to complete a recipe, we use these sections as follows:

Getting ready

This section tells you what to expect in the recipe and describes how to set up any software or any preliminary settings required for the recipe.

How to do it…

This section contains the steps required to follow the recipe.

How it works…

This section usually consists of a detailed explanation of what happened in the previous section.

There's more…

This section consists of additional information about the recipe in order to make the reader more knowledgeable about the recipe.

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "Create a local user (for example, mike)."

Any command-line input or output is written as follows:

c##zoran@CDB1> create user c##maja identified by oracle1
 container=all;

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "Click on the Create button."

Note

Warnings or important notes appear in a box like this.

Tip

Tips and tricks appear like this.

For this book we have outlined the shortcuts for the Mac OX platform if you are using the Windows version you can find the relevant shortcuts on the WebStorm help page https://www.jetbrains.com/webstorm/help/keyboard-shortcuts-by-category.html.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.

To send us general feedback, simply e-mail feedback@packtpub.com, and mention the book's title in the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the example code

You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.

You can download the code files by following these steps:

Log in or register to our website using your e-mail address and password.
Hover the mouse pointer on the SUPPORT tab at the top.
Click on Code Downloads & Errata.
Enter the name of the book in the Search box.
Select the book for which you're looking to download the code files.
Choose from the drop-down menu where you purchased this book from.
Click on Code Download.

You can also download the code files by clicking on the Code Files button on the book's webpage at the Packt Publishing website. This page can be accessed by entering the book's name in the Search box. Please note that you need to be logged in to your Packt account.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR / 7-Zip for Windows
Zipeg / iZip / UnRarX for Mac
7-Zip / PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Oracle-Database-12c-Security-Cookbook. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata , selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at copyright@packtpub.com with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.