Book description
Cutting-edge techniques from leading Oracle security experts
This Oracle Press guide demonstrates practical applications of the most compelling methods for developing secure Oracle database and middleware environments. You will find full coverage of the latest and most popular Oracle products, including Oracle Database and Audit Vaults, Oracle Application Express, and secure Business Intelligence applications.
Applied Oracle Security demonstrates how to build and assemble the various Oracle technologies required to create the sophisticated applications demanded in today's IT world. Most technical references only discuss a single product or product suite. As such, there is no roadmap to explain how to get one product, product-family, or suite to work with another. This book fills that void with respect to Oracle Middleware and Database products and the area of security.Table of contents
- Cover Page
- Applied Oracle Security
- Copyright Page
- Dedication
- About the Authors
- Contents
- Foreword
- Acknowledgments
-
PART I Oracle Database Security New Features
- 1 Security Blueprints and New Thinking
- 2 Transparent Data Encryption
- 3 Applied Auditing and Audit Vault
-
PART II Oracle Database Vault
- 4 Database Vault Introduction
- 5 Database Vault Fundamentals
-
6 Applied Database Vault for Custom Applications
- Notional Database Applications Environment
- From Requirements to Security Profile Design
- Requirements Technique: Use Cases and Scenarios
- Identify Coarse-Grained Security Profile
- Identify Fine-Grained Security Profile
-
Identify DBV Factors Based on Business or System Conditions
- Centralizing PL/SQL Routines for DBV Factors and Rules
- Factors Based on Compliance
- Factors Based on Conflict of Interest or Separation of Duty
- Factors Based on Organizational Policy
- Factors Based on Identity Management
- Factors Based on Access Path or Operational Context
- Factors Based on Time or Sequential Conditions
- Factors Based on Data or Events Stored Externally
- Incorporating DBV Factors in Your Application
- Identify DBV Realms and Realm Objects Based on Objects
- Identify Accounts, Roles, and DBV Realm Authorizations from Use Case Actors
- Establish DBV Command Rules from Conditions
- Establish DBV Secure Application Roles from Conditions
- Summary
-
7 Applied Database Vault for Existing Applications
- Audit Capture Preparation
- Capturing Audits
-
Analyzing the Audit Trail
- DBV Realms from Object-Owner Accounts
- DBV Realm Secured Objects
- DBV Realm Authorizations
- Identify End User Access Accounts and Roles for DBV SARs
- Identifying DBV Command Rules from Conditions
- Identifying DBV Factors Based on Business or System Conditions
- Refining the DBV Policy Design
- Deploying and Validating the DBV Policy
- Integrating DBV with Oracle Database Features
- Advanced Monitoring and Alerting with a DBV Database
- Summary
-
PART III Identity Management
- 8 Architecting Identity Management
- 9 Oracle Identity Manager
- 10 Oracle Directory Services
-
PART IV Applied Security for Oracle APEX and Oracle Business Intelligence
- 11 Web-centric Security in APEX
- 12 Secure Coding Practices in APEX
- 13 Securing Access to Oracle BI
- 14 Securing Oracle BI Content and Data
- A Using the Oracle BI Examples
- Index
Product information
- Title: Applied Oracle Security: Developing Secure Database and Middleware Environments
- Author(s):
- Release date: November 2009
- Publisher(s): Oracle Press
- ISBN: 9780071613712
You might also like
book
Oracle Internals
If you are a typical Oracle professional, you don't have the luxury of time to keep …
book
Oracle Database 12c Release 2 Multitenant
Master the Powerful Multitenant Features of Oracle Database 12c Govern a scalable, extensible, and highly available …
book
OCA/OCP Oracle Database 12c All-in-One Exam Guide (Exams 1Z0-061, 1Z0-062, & 1Z0-063), 2nd Edition
This Oracle Press certification exam guide prepares you for the new Oracle Database 12 c certification …
book
Oracle Database 12c The Complete Reference
Master the Cutting-Edge Features of Oracle Database 12c Maintain a scalable, highly available enterprise platform and …