Oracle Database Security


Published on

From the outset, Oracle has delivered the industry's most advanced technology to safeguard data where it lives—in the database. Oracle provides a comprehensive portfolio of security solutions to ensure data privacy, protect against insider threats, and enable regulatory compliance for both Oracle and non-Oracle Databases. With Oracle's powerful database activity monitoring and blocking, privileged user and multi-factor access control, data classification, transparent data encryption, consolidated auditing and reporting, secure configuration management, and data masking, customers can deploy reliable data security solutions that do not require any changes to existing applications, saving time and money.

Published in: Technology, Business
1 Comment
  • Sir Please tell me how to convert Oracle User's Password hash to string. I mean how to see real password.
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Oracle Database Security

  1. 1. Oracle Database Security
  2. 2. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.2Billions of Database Records Breached Globally97% of Breaches Were Avoidable with Basic Controls98% records stolenfrom databases84% records breachedusing stolen credentials92% discoveredby third party
  3. 3. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.3Oracle Database Security SolutionsDefense-in-Depth for Maximum SecurityActivity MonitoringDatabase FirewallAuditing and ReportingDETECTIVERedaction and MaskingPrivileged User ControlsEncryptionPREVENTIVE ADMINISTRATIVESensitive Data DiscoveryConfiguration ManagementPrivilege Analysis
  4. 4. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.4 Transparent data encryption Prevents access to stored data Built-in two-tier key management Support for HSM/KMS Integration with critical OracleDatabase technologiesOracle Advanced SecurityEncryption is the FoundationPreventive Control for Oracle DatabasesDiskBackupsExportsOff-SiteFacilitiesApplications
  5. 5. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.5 Replace sensitive app data Referential integrity preserved Extensible template library Automated masking policies Support for non-Oracle databasesOracle Data MaskingMasking Data for Non-Production UsePreventive Control for Oracle DatabasesLAST_NAME SSN SALARYANSKEKSL 323—23-1111 60,000BKJHHEIEDK 252-34-1345 40,000LAST_NAME SSN SALARYAGUILAR 203-33-3234 40,000BENSON 323-22-2943 60,000ProductionNon-ProductionDevTestProduction
  6. 6. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.6 Limit DBA access to app data Multi-factor authorization Enforce enterprise datagovernance, least privilege Realms create protective zones Out-of-the-box application policiesDatabase VaultPrivileged User ControlsPreventive Control for Oracle DatabasesProcurementHRFinanceselect * from finance.customersApplicationDBAApplicationsSecurityDBADBA
  7. 7. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.7Oracle Label SecurityLabel Based Access ControlPreventive Control for Oracle DatabasesTransactionsReport DataReportsConfidential SensitiveSensitiveConfidentialPublic Virtual information partitioning Apply labels to users and data Flexible classification labels Automatically enforced row levelaccess control Transparent to applications
  8. 8. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.8 Monitor database traffic Detect, block unauthorized activityincluding SQL injection attacks Unique SQL grammar analysis Whitelists, blacklists enforce activity Scalable software applianceOracle Audit Vault andDatabase FirewallDatabase Activity Monitoring and FirewallDetective Control for Oracle and non-Oracle DatabasesBlockLogAllowAlertSubstituteAppsWhitelist BlacklistSQLAnalysis PolicyFactorsUsers
  9. 9. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.9Audit, Report, and Alert in Real-TimeDetective Control for Oracle and non-Oracle DatabasesPoliciesBuilt-inReportsAlertsCustomReports!SecurityAnalystOS &StorageDirectoriesDatabasesOracleDatabaseFirewallCustomAudit Data &Event LogsSOCDBA Secure centralized repository Detect, alert suspicious activities Out-of-the box custom andcompliance reporting Streamline database audits Built-in separation of dutiesOracle Audit Vault andDatabase FirewallAuditor
  10. 10. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.10 Scan Oracle for sensitive data Built-in, extensible definitions Create and maintain applicationdata models Protect data appropriately:encrypt, redact, mask, audit…Oracle Enterprise ManagerDiscover Sensitive Data and DatabasesAdministrative Control for Oracle Databases
  11. 11. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.11 Discover and classify databases Scan for best practices, standards Detect unauthorized changes Automated remediation Patching and provisioningOracle Database Lifecycle ManagementConfiguration ManagementAdministrative Control for Oracle DatabasesDiscoverScan & MonitorPatch
  12. 12. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.12 Enterprise ready Security and compliance Simple and flexible Speed and Database Security CustomersCustomer BenefitsCustomers Worldwide Rely on Oracle
  13. 13. Copyright © 2013, Oracle and/or its affiliates. All rights reserved.13For More