Account security probably raises the most controversies and is the most difficult aspect of database security. For example your database could have third-party applications schemas that have more privileges than they actually need.I have seen during my experience many application schema users with all ANY
type privileges or DBA
and SYSDBA
role granted due to a misguided application design. In such a situation, it could be very difficult to revoke privileges because there is a risk of affecting the entire application functionality. The access to the database is granted through a form of authentication, and all access to database objects is performed through user accounts. Too many privileges and weak passwords will open the door to sensitive data. Probably, one of the most successful outcomes of a hacker's attack would be to find or crack passwords for users with administrative rights. For example, in previous Oracle versions, such as 9i and 10g, there were active users installed...
Oracle 11g Anti-hacker's Cookbook
By :
Oracle 11g Anti-hacker's Cookbook
By:
Overview of this book
For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most rich in features and probably the most used Database in a variety of industries where security is essential. To ensure security of data both in transit and on the disk, Oracle has implemented the security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security."Oracle 11g Anti-hacker's Cookbook" covers all the important security measures and includes various tips and tricks to protect your Oracle Database."Oracle 11g Anti-hacker's Cookbook" uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threads section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.
Table of Contents (16 chapters)
Oracle 11g Anti-hacker's Cookbook
Credits
Foreword
About the Author
About the Reviewers
www.PacktPub.com
Preface
Free Chapter
Operating System Security
Securing the Network and Data in Transit
Securing Data at Rest
Authentication and User Security
Beyond Privileges: Oracle Virtual Private Database
Beyond Privileges: Oracle Label Security
Beyond Privileges: Oracle Database Vault
Tracking and Analysis: Database Auditing
Index
Customer Reviews