SlideShare a Scribd company logo

security in oracle database

S
ssuser40bb47

The document discusses security in Oracle databases. It covers several topics: Oracle Label Security which allows row-level access control based on user privileges; data masking and subsetting tools for replacing sensitive data; auditing of database activities for accountability, investigation, and problem detection; and encryption technologies like Transparent Data Encryption and Key Vault for securing data. Presenters Zahra Taghipoor kolaei and Seyyedeh Fatemeh Mousazadeh Mousavi led the discussion under Professor Dr. Sadegh Dorri Nogoorani during a winter 2022 class.

1 of 23
Download to read offline
Database security class presentation Providers: Zahra Taghipoor kolaei Seyyedeh Fatemeh Mousazadeh Mousavi Professor: Dr.Sadegh Dorri Nogoorani winter 2022 Security in oracle 1
Oracle database 1 2
About oracle ◉ Relational database ◉ ORDBMS ◉ SQL Based 3
Security 2 4
About Oracle Database security Oracle Label Security secures database tables at the row level, allowing you to filter user access to row data based on privileges. Real Application Security Administration Console (RASADM) lets you create Real Application Security data security policies using a graphical user interface. Enterprise User Security addresses user, administrative, and security challenges by relying on the identity management services supplied by Oracle Internet Directory, an LDAP-compliant directory service. 5 Transparent Data Encryption enables you to encrypt data so that only an authorized recipient can read it. Oracle Data Redaction enables you to redact (mask) column data using several redaction types. Data Masking and Subsetting process of replacing sensitive data with fictitious yet realistic looking data and process of downsizing either by discarding or extracting data
continue Key Vault enables you to accelerate security and encryption deployments by centrally managing encryption keys, Oracle wallets, Java keystores, and credential files. Oracle Audit Vault and Database Firewall provides a comprehensive Database Activity Monitoring (DAM) solution that combines database audit logs with SQL traffic capture. 6 Database Assessment Tools Identify database configuration, operation, or implementation introduces risk. Database Vault restrict access to application data by privileged database users. Reducing the risk of insider and outside threats.
Oracle Lable Security 3 7
About Oracle Label Security ◉ controls the display of individual table rows using labels ◉ works by comparing the row label with a user's label authorizations to enable you to easily restrict sensitive information to only authorized users ◉ based on multi-level security (MLS) requirements ◉ installed by default, but not automatically enabled 8
Benefits of Oracle Label Security ◉ It enables row level data classification and provides out-of-the box access mediation based on the data classification and the user label authorization or security clearance. ◉ It enables you to assign label authorizations or security clearances to both database users and application users. ◉ It provides both APIs and a graphical user interface for defining and storing data classification labels and user label authorizations. ◉ It integrates with Oracle Database Vault and Oracle Advanced Security Data Redaction, enabling security clearances to be use in both Database Vault command rules and Data Redaction policy definitions. 9
Components of Oracle Label Security ◉ Labels: authorizations for users and program units, govern access to specified protected objects • Levels: indicate the type of sensitivity that you want to assign to the row • Compartments: represent the projects in this example that help define more precise access controls • Groups: identify organizations owning or accessing the data ◉ Policy: name associated with these labels, rules, authorizations, and protected tables 10
Oracle Label Security Architecture 11
Data Masking and Subsetting 4 12
The Need to Mask and Subset data ◉ Limit sensitive data proliferation ◉ Share what is necessary ◉ Comply with data privacy laws and standards ◉ Minimize storage costs 13
Major Components of Oracle Data Masking and Subsetting ◉ Application Data Modeling ◉ Data Masking Format Library ◉ Data Masking Transformations ◉ Data Subsetting ◉ Application Templates 14
Architecture 15
Deployment Options ◉ In-Database mode ◉ In-Export mode ◉ Heterogeneous mode 16
Methodology 17
Auditting database activities 5 18
What is Auditing ◉ the monitoring and recording of selected user database actions, from both database users and nondatabase users ◉ The actions that you audit are recorded in either data dictionary tables or in operating system files 19
Why is Auditing Used ◉ Enable accountability for actions ◉ Investigate suspicious activity ◉ Notify an auditor of the actions of an unauthorized user ◉ Monitor and gather data about specific database activities ◉ Detect problems with an authorization or access control implementation 20
Types of Auditing Unified and Conditional Auditing ➢ Audit data managed using the built- in audit data management package within the database ➢ The AUDIT_ADMIN and AUDIT_VIEWER roles provides separation of duty ➢ Oracle audit vault and database firewall is integrated with this Traditional Database Auditing ➢ Prevent overhead on the source database system ➢ Be written to the operating system files as this configuration 21
references 1) https://docs.oracle.com/en/database/oracle/oracle-database/21/ 2) https://docs.oracle.com/cd/E11882_01/network.112/e36292/intro.ht m#DBSEG001 22
Any questions ? You can find us at ◉ zahrataghipoor75@gmail.com ◉ sfmousazadeh99@gmail.com Thanks! 23
Ad

Recommended

Auditing security of Oracle DB (Karel Miko)
Auditing security of Oracle DB (Karel Miko)Auditing security of Oracle DB (Karel Miko)
Auditing security of Oracle DB (Karel Miko)
DCIT, a.s.
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Edgar Alejandro Villegas
 
8 isecurity database
8 isecurity database8 isecurity database
8 isecurity database
Anil Pandey
 
Database security issues
Database security issuesDatabase security issues
Database security issues
n|u - The Open Security Community
 
Database security
Database securityDatabase security
Database security
keerthusandeepreddy
 
Database Security
Database SecurityDatabase Security
Database Security
ShingalaKrupa
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networks
G Prachi
 
Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...
Naveena N
 
Security of the database
Security of the databaseSecurity of the database
Security of the database
Pratik Tamgadge
 
DBMS SECURITY
DBMS SECURITYDBMS SECURITY
DBMS SECURITY
Wasim Raza
 
Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...
Hamish Brocklebank
 
Database security
Database securityDatabase security
Database security
Arpana shree
 
Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”
Christophe Guéret
 
Scalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data PortalScalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data Portal
Globus
 
HEBE Platform Technology
HEBE Platform TechnologyHEBE Platform Technology
HEBE Platform Technology
Alex G. Lee, Ph.D. Esq. CLP
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
InSync2011
 
Oracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guideOracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guide
bupbechanhgmail
 
Data base security & integrity
Data base security & integrityData base security & integrity
Data base security & integrity
Pooja Dixit
 
Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...
Olav Tvedt
 
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CloudIDSummit
 
Database Security And Authentication
Database Security And AuthenticationDatabase Security And Authentication
Database Security And Authentication
Sudeb Das
 
Hasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solutionHasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solution
IMPULSE_TECHNOLOGY
 
Privacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-basedPrivacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-based
Nagamalleswararao Tadikonda
 
Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013
Prosanta Ghosh
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql database
gourav kottawar
 
Database Security & Encryption
Database Security & EncryptionDatabase Security & Encryption
Database Security & Encryption
Tech Sanhita
 
Case Study for Ego-centric Citation Network
Case Study for Ego-centric Citation NetworkCase Study for Ego-centric Citation Network
Case Study for Ego-centric Citation Network
Mike Taylor
 
My sql and oracle difference
My sql and oracle difference My sql and oracle difference
My sql and oracle difference
manisha1110
 
Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and compliance
FITSFSd
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentation
stefanjung
 
Ad

More Related Content

What's hot (20)

Security of the database
Security of the databaseSecurity of the database
Security of the database
Pratik Tamgadge
 
DBMS SECURITY
DBMS SECURITYDBMS SECURITY
DBMS SECURITY
Wasim Raza
 
Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...
Hamish Brocklebank
 
Database security
Database securityDatabase security
Database security
Arpana shree
 
Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”
Christophe Guéret
 
Scalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data PortalScalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data Portal
Globus
 
HEBE Platform Technology
HEBE Platform TechnologyHEBE Platform Technology
HEBE Platform Technology
Alex G. Lee, Ph.D. Esq. CLP
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
InSync2011
 
Oracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guideOracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guide
bupbechanhgmail
 
Data base security & integrity
Data base security & integrityData base security & integrity
Data base security & integrity
Pooja Dixit
 
Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...
Olav Tvedt
 
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CloudIDSummit
 
Database Security And Authentication
Database Security And AuthenticationDatabase Security And Authentication
Database Security And Authentication
Sudeb Das
 
Hasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solutionHasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solution
IMPULSE_TECHNOLOGY
 
Privacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-basedPrivacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-based
Nagamalleswararao Tadikonda
 
Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013
Prosanta Ghosh
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql database
gourav kottawar
 
Database Security & Encryption
Database Security & EncryptionDatabase Security & Encryption
Database Security & Encryption
Tech Sanhita
 
Case Study for Ego-centric Citation Network
Case Study for Ego-centric Citation NetworkCase Study for Ego-centric Citation Network
Case Study for Ego-centric Citation Network
Mike Taylor
 
My sql and oracle difference
My sql and oracle difference My sql and oracle difference
My sql and oracle difference
manisha1110
 
Security of the database
Security of the databaseSecurity of the database
Security of the database
Pratik Tamgadge
 
DBMS SECURITY
DBMS SECURITYDBMS SECURITY
DBMS SECURITY
Wasim Raza
 
Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...
Hamish Brocklebank
 
Database security
Database securityDatabase security
Database security
Arpana shree
 
Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”
Christophe Guéret
 
Scalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data PortalScalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data Portal
Globus
 
HEBE Platform Technology
HEBE Platform TechnologyHEBE Platform Technology
HEBE Platform Technology
Alex G. Lee, Ph.D. Esq. CLP
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
InSync2011
 
Oracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guideOracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guide
bupbechanhgmail
 
Data base security & integrity
Data base security & integrityData base security & integrity
Data base security & integrity
Pooja Dixit
 
Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...
Olav Tvedt
 
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CloudIDSummit
 
Database Security And Authentication
Database Security And AuthenticationDatabase Security And Authentication
Database Security And Authentication
Sudeb Das
 
Hasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solutionHasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solution
IMPULSE_TECHNOLOGY
 
Privacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-basedPrivacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-based
Nagamalleswararao Tadikonda
 
Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013
Prosanta Ghosh
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql database
gourav kottawar
 
Database Security & Encryption
Database Security & EncryptionDatabase Security & Encryption
Database Security & Encryption
Tech Sanhita
 
Case Study for Ego-centric Citation Network
Case Study for Ego-centric Citation NetworkCase Study for Ego-centric Citation Network
Case Study for Ego-centric Citation Network
Mike Taylor
 
My sql and oracle difference
My sql and oracle difference My sql and oracle difference
My sql and oracle difference
manisha1110
 

Similar to security in oracle database (20)

Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and compliance
FITSFSd
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentation
stefanjung
 
ppt-security-dbsat-222-overview-nodemo.pdf
ppt-security-dbsat-222-overview-nodemo.pdfppt-security-dbsat-222-overview-nodemo.pdf
ppt-security-dbsat-222-overview-nodemo.pdf
camyla81
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database Security
Troy Kitch
 
Creating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres DatabaseCreating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres Database
EDB
 
Wp security-data-safe
Wp security-data-safeWp security-data-safe
Wp security-data-safe
ALI ANWAR, OCP®
 
Database Security – Issues and Best PracticesOutline
Database Security – Issues and Best PracticesOutlineDatabase Security – Issues and Best PracticesOutline
Database Security – Issues and Best PracticesOutline
OllieShoresna
 
8.1.6 newsecurity features
8.1.6 newsecurity features8.1.6 newsecurity features
8.1.6 newsecurity features
Anil Pandey
 
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdfThe Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
Domain News Tech
 
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
Nag Nani
 
A robust and verifiable threshold multi authority access control system in pu...
A robust and verifiable threshold multi authority access control system in pu...A robust and verifiable threshold multi authority access control system in pu...
A robust and verifiable threshold multi authority access control system in pu...
IJARIIT
 
5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security
Doina Draganescu
 
Database Options
Database OptionsDatabase Options
Database Options
Connor McDonald
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptx
missionsk81
 
How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...
Anar Godjaev
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
Troy Kitch
 
ch20 Secuity & Admin Transparencies-6E.pptx
ch20 Secuity & Admin Transparencies-6E.pptxch20 Secuity & Admin Transparencies-6E.pptx
ch20 Secuity & Admin Transparencies-6E.pptx
alhashediyemen1
 
Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017
Maximiliano Accotto
 
Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017
Maximiliano Accotto
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and Masking
DLT Solutions
 
Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and compliance
FITSFSd
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentation
stefanjung
 
ppt-security-dbsat-222-overview-nodemo.pdf
ppt-security-dbsat-222-overview-nodemo.pdfppt-security-dbsat-222-overview-nodemo.pdf
ppt-security-dbsat-222-overview-nodemo.pdf
camyla81
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database Security
Troy Kitch
 
Creating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres DatabaseCreating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres Database
EDB
 
Wp security-data-safe
Wp security-data-safeWp security-data-safe
Wp security-data-safe
ALI ANWAR, OCP®
 
Database Security – Issues and Best PracticesOutline
Database Security – Issues and Best PracticesOutlineDatabase Security – Issues and Best PracticesOutline
Database Security – Issues and Best PracticesOutline
OllieShoresna
 
8.1.6 newsecurity features
8.1.6 newsecurity features8.1.6 newsecurity features
8.1.6 newsecurity features
Anil Pandey
 
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdfThe Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
Domain News Tech
 
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
Nag Nani
 
A robust and verifiable threshold multi authority access control system in pu...
A robust and verifiable threshold multi authority access control system in pu...A robust and verifiable threshold multi authority access control system in pu...
A robust and verifiable threshold multi authority access control system in pu...
IJARIIT
 
5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security
Doina Draganescu
 
Database Options
Database OptionsDatabase Options
Database Options
Connor McDonald
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptx
missionsk81
 
How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...
Anar Godjaev
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
Troy Kitch
 
ch20 Secuity & Admin Transparencies-6E.pptx
ch20 Secuity & Admin Transparencies-6E.pptxch20 Secuity & Admin Transparencies-6E.pptx
ch20 Secuity & Admin Transparencies-6E.pptx
alhashediyemen1
 
Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017
Maximiliano Accotto
 
Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017
Maximiliano Accotto
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and Masking
DLT Solutions
 
Ad

Recently uploaded (20)

Operations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdfOperations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdf
Arab Academy for Science, Technology and Maritime Transport
 
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
larencebapu132
 
dynastic art of the Pallava dynasty south India
dynastic art of the Pallava dynasty south Indiadynastic art of the Pallava dynasty south India
dynastic art of the Pallava dynasty south India
PrachiSontakke5
 
Understanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s GuideUnderstanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s Guide
GS Virdi
 
Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025
Mebane Rash
 
How to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POSHow to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POS
Celine George
 
How to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odooHow to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odoo
Celine George
 
Herbs Used in Cosmetic Formulations .pptx
Herbs Used in Cosmetic Formulations .pptxHerbs Used in Cosmetic Formulations .pptx
Herbs Used in Cosmetic Formulations .pptx
RAJU THENGE
 
Sinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_NameSinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_Name
keshanf79
 
Presentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem KayaPresentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem Kaya
MIPLM
 
Grade 2 - Mathematics - Printable Worksheet
Grade 2 - Mathematics - Printable WorksheetGrade 2 - Mathematics - Printable Worksheet
Grade 2 - Mathematics - Printable Worksheet
Sritoma Majumder
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
Contact Lens:::: An Overview.pptx.: Optometry
Contact Lens:::: An Overview.pptx.: OptometryContact Lens:::: An Overview.pptx.: Optometry
Contact Lens:::: An Overview.pptx.: Optometry
MushahidRaza8
 
To study the nervous system of insect.pptx
To study the nervous system of insect.pptxTo study the nervous system of insect.pptx
To study the nervous system of insect.pptx
Arshad Shaikh
 
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
Celine George
 
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - WorksheetCBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
Sritoma Majumder
 
Grade 3 - English - Printable Worksheet (PDF Format)
Grade 3 - English - Printable Worksheet (PDF Format)Grade 3 - English - Printable Worksheet (PDF Format)
Grade 3 - English - Printable Worksheet (PDF Format)
Sritoma Majumder
 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colégio Santa Teresinha
 
Odoo Inventory Rules and Routes v17 - Odoo Slides
Odoo Inventory Rules and Routes v17 - Odoo SlidesOdoo Inventory Rules and Routes v17 - Odoo Slides
Odoo Inventory Rules and Routes v17 - Odoo Slides
Celine George
 
03#UNTAGGED. Generosity in architecture.
03#UNTAGGED. Generosity in architecture.03#UNTAGGED. Generosity in architecture.
03#UNTAGGED. Generosity in architecture.
MCH
 
Operations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdfOperations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdf
Arab Academy for Science, Technology and Maritime Transport
 
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
larencebapu132
 
dynastic art of the Pallava dynasty south India
dynastic art of the Pallava dynasty south Indiadynastic art of the Pallava dynasty south India
dynastic art of the Pallava dynasty south India
PrachiSontakke5
 
Understanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s GuideUnderstanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s Guide
GS Virdi
 
Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025
Mebane Rash
 
How to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POSHow to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POS
Celine George
 
How to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odooHow to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odoo
Celine George
 
Herbs Used in Cosmetic Formulations .pptx
Herbs Used in Cosmetic Formulations .pptxHerbs Used in Cosmetic Formulations .pptx
Herbs Used in Cosmetic Formulations .pptx
RAJU THENGE
 
Sinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_NameSinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_Name
keshanf79
 
Presentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem KayaPresentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem Kaya
MIPLM
 
Grade 2 - Mathematics - Printable Worksheet
Grade 2 - Mathematics - Printable WorksheetGrade 2 - Mathematics - Printable Worksheet
Grade 2 - Mathematics - Printable Worksheet
Sritoma Majumder
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
Contact Lens:::: An Overview.pptx.: Optometry
Contact Lens:::: An Overview.pptx.: OptometryContact Lens:::: An Overview.pptx.: Optometry
Contact Lens:::: An Overview.pptx.: Optometry
MushahidRaza8
 
To study the nervous system of insect.pptx
To study the nervous system of insect.pptxTo study the nervous system of insect.pptx
To study the nervous system of insect.pptx
Arshad Shaikh
 
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
Celine George
 
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - WorksheetCBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
Sritoma Majumder
 
Grade 3 - English - Printable Worksheet (PDF Format)
Grade 3 - English - Printable Worksheet (PDF Format)Grade 3 - English - Printable Worksheet (PDF Format)
Grade 3 - English - Printable Worksheet (PDF Format)
Sritoma Majumder
 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colégio Santa Teresinha
 
Odoo Inventory Rules and Routes v17 - Odoo Slides
Odoo Inventory Rules and Routes v17 - Odoo SlidesOdoo Inventory Rules and Routes v17 - Odoo Slides
Odoo Inventory Rules and Routes v17 - Odoo Slides
Celine George
 
03#UNTAGGED. Generosity in architecture.
03#UNTAGGED. Generosity in architecture.03#UNTAGGED. Generosity in architecture.
03#UNTAGGED. Generosity in architecture.
MCH
 
Ad

security in oracle database

  • 1. Database security class presentation Providers: Zahra Taghipoor kolaei Seyyedeh Fatemeh Mousazadeh Mousavi Professor: Dr.Sadegh Dorri Nogoorani winter 2022 Security in oracle 1
  • 3. About oracle ◉ Relational database ◉ ORDBMS ◉ SQL Based 3
  • 5. About Oracle Database security Oracle Label Security secures database tables at the row level, allowing you to filter user access to row data based on privileges. Real Application Security Administration Console (RASADM) lets you create Real Application Security data security policies using a graphical user interface. Enterprise User Security addresses user, administrative, and security challenges by relying on the identity management services supplied by Oracle Internet Directory, an LDAP-compliant directory service. 5 Transparent Data Encryption enables you to encrypt data so that only an authorized recipient can read it. Oracle Data Redaction enables you to redact (mask) column data using several redaction types. Data Masking and Subsetting process of replacing sensitive data with fictitious yet realistic looking data and process of downsizing either by discarding or extracting data
  • 6. continue Key Vault enables you to accelerate security and encryption deployments by centrally managing encryption keys, Oracle wallets, Java keystores, and credential files. Oracle Audit Vault and Database Firewall provides a comprehensive Database Activity Monitoring (DAM) solution that combines database audit logs with SQL traffic capture. 6 Database Assessment Tools Identify database configuration, operation, or implementation introduces risk. Database Vault restrict access to application data by privileged database users. Reducing the risk of insider and outside threats.
  • 8. About Oracle Label Security ◉ controls the display of individual table rows using labels ◉ works by comparing the row label with a user's label authorizations to enable you to easily restrict sensitive information to only authorized users ◉ based on multi-level security (MLS) requirements ◉ installed by default, but not automatically enabled 8
  • 9. Benefits of Oracle Label Security ◉ It enables row level data classification and provides out-of-the box access mediation based on the data classification and the user label authorization or security clearance. ◉ It enables you to assign label authorizations or security clearances to both database users and application users. ◉ It provides both APIs and a graphical user interface for defining and storing data classification labels and user label authorizations. ◉ It integrates with Oracle Database Vault and Oracle Advanced Security Data Redaction, enabling security clearances to be use in both Database Vault command rules and Data Redaction policy definitions. 9
  • 10. Components of Oracle Label Security ◉ Labels: authorizations for users and program units, govern access to specified protected objects • Levels: indicate the type of sensitivity that you want to assign to the row • Compartments: represent the projects in this example that help define more precise access controls • Groups: identify organizations owning or accessing the data ◉ Policy: name associated with these labels, rules, authorizations, and protected tables 10
  • 11. Oracle Label Security Architecture 11
  • 12. Data Masking and Subsetting 4 12
  • 13. The Need to Mask and Subset data ◉ Limit sensitive data proliferation ◉ Share what is necessary ◉ Comply with data privacy laws and standards ◉ Minimize storage costs 13
  • 14. Major Components of Oracle Data Masking and Subsetting ◉ Application Data Modeling ◉ Data Masking Format Library ◉ Data Masking Transformations ◉ Data Subsetting ◉ Application Templates 14
  • 16. Deployment Options ◉ In-Database mode ◉ In-Export mode ◉ Heterogeneous mode 16
  • 19. What is Auditing ◉ the monitoring and recording of selected user database actions, from both database users and nondatabase users ◉ The actions that you audit are recorded in either data dictionary tables or in operating system files 19
  • 20. Why is Auditing Used ◉ Enable accountability for actions ◉ Investigate suspicious activity ◉ Notify an auditor of the actions of an unauthorized user ◉ Monitor and gather data about specific database activities ◉ Detect problems with an authorization or access control implementation 20
  • 21. Types of Auditing Unified and Conditional Auditing ➢ Audit data managed using the built- in audit data management package within the database ➢ The AUDIT_ADMIN and AUDIT_VIEWER roles provides separation of duty ➢ Oracle audit vault and database firewall is integrated with this Traditional Database Auditing ➢ Prevent overhead on the source database system ➢ Be written to the operating system files as this configuration 21
  • 23. Any questions ? You can find us at ◉ [email protected][email protected] Thanks! 23