18-May-2016
ODV - Oracle Database Vault
Gino D’ Alfonso / Harry Goossens
Program / Agenda
• Overview
• Securing Data using Database Vault
• Auditing
• Exports and Backups
Overview
What is Oracle Database Vault?
• Oracle Database Vault (ODV) was introduced in Oracle 9iR2.
• ODV restricts access to specific areas in an Oracle database from any user.
• Enables you to apply access control to sensitive data.
• Protects data from super-privileged users (like DBAs) but still lets them maintain the Oracle database.
Overview
Why Oracle Database Vault?
• Systems with integrity, confidentiality = 3 (IV=3).
• Separation of duties.
• Internal control.
• Reasons like BASEL, SOX, PCI DSS
• Don’t trust the DBA
Overview
• Virtual Private Database (VPD):
Restricts access to certain rows for a user by modifying the WHERE
clause
• Oracle Label Security (OLS):
Mediates access to a given row, based on the label on the row and the
security level of the user
• VPD and OLS restrict access at the row level, whereas Oracle Database
Vault restricts access at the object and command levels.
• Transparent Data Encryption (TDE):
Out of the box, TDE provides (strong) encryption for the database
ODV can be integrated with VPD, OLS and TDE.
Program / Agenda
• Securing Data using Database Vault
Securing Data
Realms (areas):
Functional grouping of database schemas, objects, and roles that need to
be secured.
(example: all objects from SCOTT belong to realm RLM_SCOTT)
Command rules:
A special rule that you can create to control how users can execute almost
any SQL statement, including SELECT, ALTER SYSTEM, database
definition language (DDL), and data manipulation language (DML)
statements.
(example: SELECT on SCOTT objects)
Securing Data
Factors:
A named variable or attribute, such as a user location, database IP
address, or session user, which Oracle Database Vault can recognize and
secure.
(Example: FAC_HOSTNAME => hostname='exdb4002-adm')
Rule sets:
A collection of one or more rules that you can associate with a realm
authorization, command rule, factor assignment, or secure application
role.
(Example: RST_IS_LASTDAYOFMONTH)
Rules:
Like “WHERE department = [whatever]”
(Example: RUL_DBUSER_ISNOT_GOOSSENSHFM)
Securing Data
connect / as sysdba
create user harry identified by ********;
grant dba to harry;
connect harry
select * from owner_dbt.emp;
Securing Data
The key to Separation of Duties is that no one single ROLE can do everything.
• The DV_OWNER role can only do data security.
• The DV_ACCTMGR role can only create/drop users.
A DBA role can do anything EXCEPT data security and create/drop users – and is subject to any data security setup by the DV_OWNER role.
By default Rabobank does not separate data and user administration. Both roles (DV_OWNER and DV_ACCTMGR) are granted to the same user.
Securing Data
$ sqlplus system/********
SQL*Plus: Release 11.2.0.4.0 Production on Tue Apr 26 14:27:23 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
SYSTEM@OLTB7_1 SQL> SELECT * FROM owner_dbt.emp;
EMPNO ENAME JOB MGR HIREDATE SAL
COMM DEPTNO
---------- ------------------------------ --------------------------- ---------- ------------------- ---------- ---
------- ----------
7369 SMITH CLERK 7902 14-12-2013:00:00:00 800
20
….
7902 FORD ANALYST 7566 30-11-2014:00:00:00 3000
20
7934 MILLER CLERK 7782 20-01-2015:00:00:00 1300
10
14 rows selected.
SYSTEM@OLTB7_1 SQL>
Securing Data
[Diagram: a Realm linked one-to-many to its Secured Objects (owner_dbt.emp) and to its Authorizations]
Securing Data
$ sqlplus system
SQL*Plus: Release 11.2.0.4.0 Production on Tue Apr 26 14:58:07 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
SYSTEM@OLTB7_1 SQL> select * from owner_dbt.emp;
select * from owner_dbt.emp
*
ERROR at line 1:
ORA-01031: insufficient privileges
SYSTEM@OLTB7_1 SQL> select * from owner_dbt.dept;
DEPTNO DNAME LOC
---------- ------------------------------------------ ---------------------------------------
10 ACCOUNTING NEW YORK
…
40 OPERATIONS BOSTON
SYSTEM@OLTB7_1 SQL>
Securing Data
Schema owner: OWNER_DBT
• Application user: the application server connects to the database as user user_app_dbt.
• Support users: support users connect with individual accounts with read-only access (user_dbt).
Securing Data
[Diagram: OWNER_DBT grants select, insert, update, delete on all objects to user_app_dbt and grants select to owner_dbt_ro_role; the role is granted to user_dbt]
Securing Data
To create the app user we need the special security account with the dv_acctmgr role
SYSTEM@OLTB7_1 SQL> create user user_app_dbt identified by ******* default tablespace users;
create user user_app_dbt identified by ******** default tablespace users
*
ERROR at line 1:
ORA-47306: 20006: No way Jose
SYSTEM@OLTB7_1 SQL> connect owner_dvt
Connected.
OWNER_DVT@OLTB7_1 SQL> create user user_app_dbt identified by ******** default tablespace users;
User created.
OWNER_DVT@OLTB7_1 SQL> grant connect to user_app_dbt;
Grant succeeded.
OWNER_DVT@OLTB7_1 SQL>
Securing Data
Create the read-only (RO) user and the RO role
OWNER_DVT@OLTB7_1 SQL> create user user_dbt identified by ******** default tablespace users;
User created.
OWNER_DVT@OLTB7_1 SQL> grant connect to user_dbt;
Grant succeeded.
OWNER_DVT@OLTB7_1 SQL>
SYSTEM@OLTB7_1 SQL> create role owner_dbt_ro_role;
Role created.
SYSTEM@OLTB7_1 SQL> grant owner_dbt_ro_role to user_dbt;
Grant succeeded.
SYSTEM@OLTB7_1 SQL>
Securing Data
$ sqlplus owner_dbt/********
SQL*Plus: Release 11.2.0.4.0 Production on Tue Apr 26 17:37:16 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
OWNER_DBT@OLTB7_1 SQL> grant select, insert, update, delete on emp to user_app_dbt;
Grant succeeded.
OWNER_DBT@OLTB7_1 SQL> grant select on emp to owner_dbt_ro_role;
Grant succeeded.
OWNER_DBT@OLTB7_1 SQL>
Securing Data
USER_DBT@OLTB7_1 SQL> connect user_dbt/********
Connected.
USER_DBT@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
COUNT(*)
----------
14
USER_DBT@OLTB7_1 SQL> delete from owner_dbt.emp;
delete from owner_dbt.emp
*
ERROR at line 1:
ORA-01031: insufficient privileges
READ access granted through “owner_dbt_ro_role”, delete not permitted
Securing Data
SYS@OLTB7_1 SQL> connect user_app_dbt/********
Connected.
USER_APP_DBT@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
COUNT(*)
----------
14
USER_APP_DBT@OLTB7_1 SQL> delete from owner_dbt.emp;
14 rows deleted.
USER_APP_DBT@OLTB7_1 SQL> rollback;
Rollback complete.
USER_APP_DBT@OLTB7_1 SQL>
READ, WRITE, DELETE and UPDATE access granted through “GRANT”
Securing Data
SYSTEM@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
COUNT(*)
----------
14
SYSTEM@OLTB7_1 SQL> delete from owner_dbt.emp;
delete from owner_dbt.emp
*
ERROR at line 1:
ORA-01031: insufficient privileges
What the heck is going on, SYSTEM can still SELECT from OWNER_DBT.EMP?
SYSTEM@OLTB7_1 SQL> select * from session_roles where role like 'OWNER%';
ROLE
-----------------
OWNER_DBT_RO_ROLE
Securing Data
The role was created by SYSTEM, and because of this SYSTEM is also granted the role and, through it, access.
There is a nice solution for this, but we keep it simple for now.
SYSTEM@OLTB7_1 SQL> drop role owner_dbt_ro_role;
Role dropped.
SYSTEM@OLTB7_1 SQL> connect owner_dbt/********
Connected.
OWNER_DBT@OLTB7_1 SQL> grant select on emp to user_dbt;
Grant succeeded.
OWNER_DBT@OLTB7_1 SQL> connect system/********
Connected.
SYSTEM@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
select count(*) from owner_dbt.emp
*
ERROR at line 1:
ORA-01031: insufficient privileges
SYSTEM@OLTB7_1 SQL> delete from owner_dbt.emp;
delete from owner_dbt.emp
*
ERROR at line 1:
ORA-01031: insufficient privileges
Securing Data
$ sqlplus / as sysdba
SQL*Plus: Release 11.2.0.4.0 Production on Thu Apr 28 10:39:25 2016
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
SYS@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
select count(*) from owner_dbt.emp
*
ERROR at line 1:
ORA-01031: insufficient privileges
SYS@OLTB7_1 SQL> delete from owner_dbt.emp;
delete from owner_dbt.emp
*
ERROR at line 1:
ORA-01031: insufficient privileges
Securing Data
SYS@OLTB7_1 SQL> connect user_dbt/********
Connected.
USER_DBT@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
COUNT(*)
----------
14
USER_DBT@OLTB7_1 SQL> delete from owner_dbt.emp;
delete from owner_dbt.emp
*
ERROR at line 1:
ORA-01031: insufficient privileges
Securing Data
USER_DBT@OLTB7_1 SQL> connect owner_dvt/********
Connected.
OWNER_DVT@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
select count(*) from owner_dbt.emp
*
ERROR at line 1:
ORA-00942: table or view does not exist
OWNER_DVT@OLTB7_1 SQL> delete from owner_dbt.emp;
delete from owner_dbt.emp
*
ERROR at line 1:
ORA-00942: table or view does not exist
Program / Agenda
• Auditing
Auditing
All actions (failed and/or succeeded) are logged within the database.
Auditing
A trigger on the audit table makes sure all violations are also written to the OS (root)
Apr 28 09:44:52 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:09:44:52 fname=3433240261 deviceProcessName=DELETE FROM OWNER_DBT.EMP duser=SYSTEM suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
Apr 28 10:11:59 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:11:59 fname=3433240261 deviceProcessName=SELECT COUNT(*) FROM OWNER_DBT.EMP duser=SYSTEM suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
Apr 28 10:12:08 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:12:08 fname=3433240261 deviceProcessName=DELETE FROM OWNER_DBT.EMP duser=SYSTEM suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
Apr 28 10:39:34 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:39:34 fname=3433240261 deviceProcessName=SELECT COUNT(*) FROM OWNER_DBT.EMP duser=SYS suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
Apr 28 10:39:39 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:39:39 fname=3433240261 deviceProcessName=DELETE FROM OWNER_DBT.EMP duser=SYS suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
Apr 28 10:52:25 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:52:25 fname=3433240261 deviceProcessName=SELECT "OWNER_DBT"."EMP".* FROM "OWNER_DBT"."EMP" duser=SYSTEM suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
[root@exdb1003-adm oracle_audit]#
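An added example, not part of the original slides: a small Python parser that turns the CEF realm-violation lines above into structured events and counts violations by privileged accounts. The key whitelist, the SYS/SYSTEM "privileged" set and the fourth sample line (SQL text containing "=") are assumptions made for this example; the other sample lines repeat the slide's values in unwrapped form.

```python
import re
from collections import Counter
from datetime import datetime

# Extension keys seen in this feed (assumption: the trigger emits only these).
# A whitelist is needed because the SQL text in deviceProcessName contains
# spaces and may contain unescaped '=' characters.
KNOWN_KEYS = {"rt", "fname", "deviceProcessName", "duser", "suser",
              "cs1", "cs1Label", "cs2", "cs2Label", "cs3", "cs3Label"}
KEY_RE = re.compile(r"(?:^|\s)([A-Za-z][A-Za-z0-9]*)=")
PRIVILEGED = {"SYS", "SYSTEM"}  # assumption: accounts treated as super-privileged


def parse_extension(ext):
    """Split 'k=v k=v' where v may contain spaces: a value runs to the next known key."""
    hits = [m for m in KEY_RE.finditer(ext) if m.group(1) in KNOWN_KEYS]
    fields = {}
    for cur, nxt in zip(hits, hits[1:] + [None]):
        end = nxt.start() if nxt else len(ext)
        fields[cur.group(1)] = ext[cur.end():end].strip()
    return fields


def fold_custom_strings(fields):
    """Rename csN values by their csNLabel, e.g. cs3 -> action_object_name."""
    out = {k: v for k, v in fields.items() if not re.fullmatch(r"cs\d(Label)?", k)}
    for key, value in fields.items():
        if re.fullmatch(r"cs\d", key):
            out[fields.get(key + "Label", key)] = value
    return out


def parse_line(line):
    """Return one event dict, or None for lines that are not well-formed CEF."""
    pos = line.find("CEF:")
    if pos < 0:
        return None
    # CEF:Version|Vendor|Product|DeviceVersion|SignatureID|Name|Severity|Extension
    parts = line[pos:].rstrip("\n").split("|", 7)
    if len(parts) != 8 or not parts[6].isdigit():
        return None
    ev = fold_custom_strings(parse_extension(parts[7]))
    ev["event_name"] = parts[5]
    ev["severity"] = int(parts[6])
    ev["time"] = (datetime.strptime(ev["rt"], "%d-%m-%Y:%H:%M:%S")
                  if "rt" in ev else None)
    ev["sql"] = ev.pop("deviceProcessName", "")
    return ev


def realm_violations(text):
    events = (parse_line(line) for line in text.splitlines())
    return [ev for ev in events if ev and ev["event_name"] == "Realm Violation Audit"]


def privileged_violations(events):
    return [ev for ev in events if ev.get("duser", "").upper() in PRIVILEGED]


def summarize(events):
    """Count events per (database user, realm, SQL verb)."""
    return Counter((ev.get("duser", "?"), ev.get("action_object_name", "?"),
                    (ev["sql"].split() or ["?"])[0].upper()) for ev in events)


# --- Sample input in the slide's format; the last event line is constructed ---
_PREFIX = ("exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|"
           "Realm Violation Audit|10|")
_TAIL = (" suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= "
         "cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name")


def _line(stamp, rt, sql, duser):
    return (f"{stamp} {_PREFIX}rt={rt} fname=3433240261 "
            f"deviceProcessName={sql} duser={duser}{_TAIL}")


SAMPLE = "\n".join([
    _line("Apr 28 09:44:52", "28-04-2016:09:44:52", "DELETE FROM OWNER_DBT.EMP", "SYSTEM"),
    _line("Apr 28 10:39:34", "28-04-2016:10:39:34", "SELECT COUNT(*) FROM OWNER_DBT.EMP", "SYS"),
    _line("Apr 28 10:52:25", "28-04-2016:10:52:25",
          'SELECT "OWNER_DBT"."EMP".* FROM "OWNER_DBT"."EMP"', "SYSTEM"),
    # Constructed line: SQL text with '=' that must not be read as a CEF key.
    _line("Apr 28 11:00:00", "28-04-2016:11:00:00",
          "DELETE FROM OWNER_DBT.EMP WHERE DEPTNO=10", "SYSTEM"),
    "[root@exdb1003-adm oracle_audit]#",  # shell prompt, skipped by the parser
])

if __name__ == "__main__":
    for key, count in summarize(privileged_violations(realm_violations(SAMPLE))).items():
        print(count, *key)
```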
Program / Agenda
• Backups
Backups
Impact of Backups
• Export
• Data Pump
• RMAN
Backups
Export
….
. about to export OWNER_DBT's tables via Conventional Path ...
. . exporting table AAP 0 rows exported
. . exporting table BONUS 0 rows exported
. . exporting table DEPT 4 rows exported
EXP-00091: Exporting questionable statistics.
. . exporting table DUMMY 1 rows exported
EXP-00091: Exporting questionable statistics.
. . exporting table EMP
EXP-00056: ORACLE error 1031 encountered
ORA-01031: insufficient privileges
. . exporting table MIES 0 rows exported
. . exporting table NOOT 0 rows exported
. . exporting table SALARY 2 rows exported
EXP-00091: Exporting questionable statistics.
. . exporting table SALGRADE 5 rows exported
EXP-00091: Exporting questionable statistics.
……
Securing Data
Data Pump
….
Processing object type SCHEMA_EXPORT/POST_SCHEMA/PROCACT_SCHEMA
ORA-31693: Table data object "OWNER_DBT"."DEPT" failed to load/unload and is being skipped due to error:
ORA-02354: error in exporting/importing data
ORA-28116: insufficient privileges to do direct path access
ORA-31693: Table data object "OWNER_DBT"."DUMMY" failed to load/unload and is being skipped due to error:
ORA-02354: error in exporting/importing data
ORA-28116: insufficient privileges to do direct path access
ORA-31693: Table data object "OWNER_DBT"."EMP" failed to load/unload and is being skipped due to error:
ORA-02354: error in exporting/importing data
ORA-28116: insufficient privileges to do direct path access
ORA-31693: Table data object "OWNER_DBT"."SALARY" failed to load/unload and is being skipped due to error:
ORA-02354: error in exporting/importing data
ORA-28116: insufficient privileges to do direct path access
ORA-31693: Table data object "OWNER_DBT"."SALGRADE" failed to load/unload and is being skipped due to error:
ORA-02354: error in exporting/importing data
ORA-28116: insufficient privileges to do direct path access
….
Backups
RMAN
• Requires SYSDBA access
• May need to hardcode SYS password or use wallet
• Works successfully
Backups
• EXP/EXPDP need privileges from the realm owner. Export files are not secured.
• RMAN backups are block based and recoverable within another database (clone/duplicate).

More Related Content

What's hot

Database security best_practices
Database security best_practicesDatabase security best_practices
Database security best_practices
Tarik Essawi
 
oracle cloud with 2 nodes processing
oracle cloud with 2 nodes processingoracle cloud with 2 nodes processing
oracle cloud with 2 nodes processing
mahdi ahmadi
 
Oracle Exadata Maintenance tasks 101 - OTN Tour 2015
Oracle Exadata Maintenance tasks 101 - OTN Tour 2015Oracle Exadata Maintenance tasks 101 - OTN Tour 2015
Oracle Exadata Maintenance tasks 101 - OTN Tour 2015
Nelson Calero
 
MySQL Without the SQL -- Oh My! Longhorn PHP Conference
MySQL Without the SQL -- Oh My!  Longhorn PHP ConferenceMySQL Without the SQL -- Oh My!  Longhorn PHP Conference
MySQL Without the SQL -- Oh My! Longhorn PHP Conference
Dave Stokes
 
JavaScript and Friends August 20th, 20201 -- MySQL Shell and JavaScript
JavaScript and Friends August 20th, 20201 -- MySQL Shell and JavaScriptJavaScript and Friends August 20th, 20201 -- MySQL Shell and JavaScript
JavaScript and Friends August 20th, 20201 -- MySQL Shell and JavaScript
Dave Stokes
 
Troubleshooting SQL Server 2000 Virtual Server /Service Pack ...
Troubleshooting SQL Server 2000 Virtual Server /Service Pack ...Troubleshooting SQL Server 2000 Virtual Server /Service Pack ...
Troubleshooting SQL Server 2000 Virtual Server /Service Pack ...
webhostingguy
 
Scaling MySQL Strategies for Developers
Scaling MySQL Strategies for DevelopersScaling MySQL Strategies for Developers
Scaling MySQL Strategies for Developers
Jonathan Levin
 
MySQL 8.0 New Features -- September 27th presentation for Open Source Summit
MySQL 8.0 New Features -- September 27th presentation for Open Source SummitMySQL 8.0 New Features -- September 27th presentation for Open Source Summit
MySQL 8.0 New Features -- September 27th presentation for Open Source Summit
Dave Stokes
 
MySQL Without the MySQL -- Oh My!
MySQL Without the MySQL -- Oh My!MySQL Without the MySQL -- Oh My!
MySQL Without the MySQL -- Oh My!
Dave Stokes
 
MySQL Utilities -- Cool Tools For You: PHP World Nov 16 2016
MySQL Utilities -- Cool Tools For You: PHP World Nov 16 2016MySQL Utilities -- Cool Tools For You: PHP World Nov 16 2016
MySQL Utilities -- Cool Tools For You: PHP World Nov 16 2016
Dave Stokes
 
My First 100 days with an Exadata (WP)
My First 100 days with an Exadata  (WP)My First 100 days with an Exadata  (WP)
My First 100 days with an Exadata (WP)
Gustavo Rene Antunez
 
Distrubuted database connection with oracle
Distrubuted database connection with oracleDistrubuted database connection with oracle
Distrubuted database connection with oracle
ashrafulais
 
Wait events
Wait eventsWait events
Wait events
anujkumarsingh08
 
2014.11 asfws
2014.11 asfws2014.11 asfws
Fatkulin presentation
Fatkulin presentationFatkulin presentation
Fatkulin presentation
Enkitec
 
Hangover - Que pasó ayer? Troubleshooting con vistas ASH & S-ASH
Hangover - Que pasó ayer?   Troubleshooting con vistas ASH & S-ASHHangover - Que pasó ayer?   Troubleshooting con vistas ASH & S-ASH
Hangover - Que pasó ayer? Troubleshooting con vistas ASH & S-ASH
Roy Salazar
 
E56576 01
E56576 01E56576 01
DataStax NYC Java Meetup: Cassandra with Java
DataStax NYC Java Meetup: Cassandra with JavaDataStax NYC Java Meetup: Cassandra with Java
DataStax NYC Java Meetup: Cassandra with Java
carolinedatastax
 
Deploy Mediawiki Using FIWARE Lab Facilities
Deploy Mediawiki Using FIWARE Lab FacilitiesDeploy Mediawiki Using FIWARE Lab Facilities
Deploy Mediawiki Using FIWARE Lab Facilities
FIWARE
 
PXC (Xtradb) Failure and Recovery
PXC (Xtradb) Failure and RecoveryPXC (Xtradb) Failure and Recovery
PXC (Xtradb) Failure and Recovery
Alkin Tezuysal
 

What's hot (20)

Database security best_practices
Database security best_practicesDatabase security best_practices
Database security best_practices
 
oracle cloud with 2 nodes processing
oracle cloud with 2 nodes processingoracle cloud with 2 nodes processing
oracle cloud with 2 nodes processing
 
Oracle Exadata Maintenance tasks 101 - OTN Tour 2015
Oracle Exadata Maintenance tasks 101 - OTN Tour 2015Oracle Exadata Maintenance tasks 101 - OTN Tour 2015
Oracle Exadata Maintenance tasks 101 - OTN Tour 2015
 
MySQL Without the SQL -- Oh My! Longhorn PHP Conference
MySQL Without the SQL -- Oh My!  Longhorn PHP ConferenceMySQL Without the SQL -- Oh My!  Longhorn PHP Conference
MySQL Without the SQL -- Oh My! Longhorn PHP Conference
 
JavaScript and Friends August 20th, 20201 -- MySQL Shell and JavaScript
JavaScript and Friends August 20th, 20201 -- MySQL Shell and JavaScriptJavaScript and Friends August 20th, 20201 -- MySQL Shell and JavaScript
JavaScript and Friends August 20th, 20201 -- MySQL Shell and JavaScript
 
Troubleshooting SQL Server 2000 Virtual Server /Service Pack ...
Troubleshooting SQL Server 2000 Virtual Server /Service Pack ...Troubleshooting SQL Server 2000 Virtual Server /Service Pack ...
Troubleshooting SQL Server 2000 Virtual Server /Service Pack ...
 
Scaling MySQL Strategies for Developers
Scaling MySQL Strategies for DevelopersScaling MySQL Strategies for Developers
Scaling MySQL Strategies for Developers
 
MySQL 8.0 New Features -- September 27th presentation for Open Source Summit
MySQL 8.0 New Features -- September 27th presentation for Open Source SummitMySQL 8.0 New Features -- September 27th presentation for Open Source Summit
MySQL 8.0 New Features -- September 27th presentation for Open Source Summit
 
MySQL Without the MySQL -- Oh My!
MySQL Without the MySQL -- Oh My!MySQL Without the MySQL -- Oh My!
MySQL Without the MySQL -- Oh My!
 
MySQL Utilities -- Cool Tools For You: PHP World Nov 16 2016
MySQL Utilities -- Cool Tools For You: PHP World Nov 16 2016MySQL Utilities -- Cool Tools For You: PHP World Nov 16 2016
MySQL Utilities -- Cool Tools For You: PHP World Nov 16 2016
 
My First 100 days with an Exadata (WP)
My First 100 days with an Exadata  (WP)My First 100 days with an Exadata  (WP)
My First 100 days with an Exadata (WP)
 
Distrubuted database connection with oracle
Distrubuted database connection with oracleDistrubuted database connection with oracle
Distrubuted database connection with oracle
 
Wait events
Wait eventsWait events
Wait events
 
2014.11 asfws
2014.11 asfws2014.11 asfws
2014.11 asfws
 
Fatkulin presentation
Fatkulin presentationFatkulin presentation
Fatkulin presentation
 
Hangover - Que pasó ayer? Troubleshooting con vistas ASH & S-ASH
Hangover - Que pasó ayer?   Troubleshooting con vistas ASH & S-ASHHangover - Que pasó ayer?   Troubleshooting con vistas ASH & S-ASH
Hangover - Que pasó ayer? Troubleshooting con vistas ASH & S-ASH
 
E56576 01
E56576 01E56576 01
E56576 01
 
DataStax NYC Java Meetup: Cassandra with Java
DataStax NYC Java Meetup: Cassandra with JavaDataStax NYC Java Meetup: Cassandra with Java
DataStax NYC Java Meetup: Cassandra with Java
 
Deploy Mediawiki Using FIWARE Lab Facilities
Deploy Mediawiki Using FIWARE Lab FacilitiesDeploy Mediawiki Using FIWARE Lab Facilities
Deploy Mediawiki Using FIWARE Lab Facilities
 
PXC (Xtradb) Failure and Recovery
PXC (Xtradb) Failure and RecoveryPXC (Xtradb) Failure and Recovery
PXC (Xtradb) Failure and Recovery
 

Viewers also liked

Oracle Database Vaultのご紹介
Oracle Database Vaultのご紹介Oracle Database Vaultのご紹介
Oracle Database Vaultのご紹介
オラクルエンジニア通信
 
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c  New Features for Developers and DBAs - OTN TOUR LA 2015Oracle Database 12c  New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Alex Zaballa
 
Corrige tp java
Corrige tp javaCorrige tp java
Corrige tp java
Maya Medjdoub
 
Oracle Database Vault
Oracle Database VaultOracle Database Vault
Oracle Database Vault
Marco Alamanni
 
Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database Firewall
Troy Kitch
 
Enable oracle database vault
Enable oracle database vaultEnable oracle database vault
Enable oracle database vault
Osama Mustafa
 

Viewers also liked (6)

Oracle Database Vaultのご紹介
Oracle Database Vaultのご紹介Oracle Database Vaultのご紹介
Oracle Database Vaultのご紹介
 
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c  New Features for Developers and DBAs - OTN TOUR LA 2015Oracle Database 12c  New Features for Developers and DBAs - OTN TOUR LA 2015
Oracle Database 12c New Features for Developers and DBAs - OTN TOUR LA 2015
 
Corrige tp java
Corrige tp javaCorrige tp java
Corrige tp java
 
Oracle Database Vault
Oracle Database VaultOracle Database Vault
Oracle Database Vault
 
Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database Firewall
 
Enable oracle database vault
Enable oracle database vaultEnable oracle database vault
Enable oracle database vault
 

Similar to Odv oracle customer_demo

12c db upgrade from 11.2.0.4
12c db upgrade from 11.2.0.412c db upgrade from 11.2.0.4
12c db upgrade from 11.2.0.4
uzzal basak
 
2008 Collaborate IOUG Presentation
2008 Collaborate IOUG Presentation2008 Collaborate IOUG Presentation
2008 Collaborate IOUG Presentation
Biju Thomas
 
Kangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot EDB Webinar Best Practices in Security with PostgreSQLKangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot
 
Less04_Database_Instance.ppt
Less04_Database_Instance.pptLess04_Database_Instance.ppt
Less04_Database_Instance.ppt
MuhammadUmair833474
 
Privilege Analysis with the Oracle Database
Privilege Analysis with the Oracle DatabasePrivilege Analysis with the Oracle Database
Privilege Analysis with the Oracle Database
Markus Flechtner
 
My sql 5.6&MySQL Cluster 7.3
My sql 5.6&MySQL Cluster 7.3My sql 5.6&MySQL Cluster 7.3
My sql 5.6&MySQL Cluster 7.3
Oleksii(Alexey) Porytskyi
 
Oracle database 12.2 new features
Oracle database 12.2 new featuresOracle database 12.2 new features
Oracle database 12.2 new features
Alfredo Krieg
 
JoTechies - Azure SQL DB
JoTechies - Azure SQL DBJoTechies - Azure SQL DB
JoTechies - Azure SQL DB
JoTechies
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data Redaction
Alex Zaballa
 
Security Multitenant
Security MultitenantSecurity Multitenant
Security Multitenant
Arush Jain
 
監査ログをもっと身近に!〜統合監査のすすめ〜
監査ログをもっと身近に!〜統合監査のすすめ〜監査ログをもっと身近に!〜統合監査のすすめ〜
監査ログをもっと身近に!〜統合監査のすすめ〜
Michitoshi Yoshida
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
EDB
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
EDB
 
Overview of RedDatabase 2.5
Overview of RedDatabase 2.5Overview of RedDatabase 2.5
Overview of RedDatabase 2.5
Mind The Firebird
 
11thingsabout11g 12659705398222 Phpapp01
11thingsabout11g 12659705398222 Phpapp0111thingsabout11g 12659705398222 Phpapp01
11thingsabout11g 12659705398222 Phpapp01
Karam Abuataya
 
11 Things About11g
11 Things About11g11 Things About11g
11 Things About11g
fcamachob
 
2011 Collaborate IOUG Presentation
2011 Collaborate IOUG Presentation2011 Collaborate IOUG Presentation
2011 Collaborate IOUG Presentation
Biju Thomas
 
Vault_KT.pptx
Vault_KT.pptxVault_KT.pptx
Vault_KT.pptx
SDPL Technologies
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
EDB
 

Similar to Odv oracle customer_demo (20)

12c db upgrade from 11.2.0.4
12c db upgrade from 11.2.0.412c db upgrade from 11.2.0.4
12c db upgrade from 11.2.0.4
 
2008 Collaborate IOUG Presentation
2008 Collaborate IOUG Presentation2008 Collaborate IOUG Presentation
2008 Collaborate IOUG Presentation
 
Kangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot EDB Webinar Best Practices in Security with PostgreSQLKangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot EDB Webinar Best Practices in Security with PostgreSQL
 
Less04_Database_Instance.ppt
Less04_Database_Instance.pptLess04_Database_Instance.ppt
Less04_Database_Instance.ppt
 
Privilege Analysis with the Oracle Database
Privilege Analysis with the Oracle DatabasePrivilege Analysis with the Oracle Database
Privilege Analysis with the Oracle Database
 
My sql 5.6&MySQL Cluster 7.3
My sql 5.6&MySQL Cluster 7.3My sql 5.6&MySQL Cluster 7.3
My sql 5.6&MySQL Cluster 7.3
 
Oracle database 12.2 new features
Oracle database 12.2 new featuresOracle database 12.2 new features
Oracle database 12.2 new features
 
JoTechies - Azure SQL DB
JoTechies - Azure SQL DBJoTechies - Azure SQL DB
JoTechies - Azure SQL DB
 
Oracle Data Redaction
Oracle Data RedactionOracle Data Redaction
Oracle Data Redaction
 
Security Multitenant
Security MultitenantSecurity Multitenant
Security Multitenant
 
監査ログをもっと身近に!〜統合監査のすすめ〜
監査ログをもっと身近に!〜統合監査のすすめ〜監査ログをもっと身近に!〜統合監査のすすめ〜
監査ログをもっと身近に!〜統合監査のすすめ〜
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
 
Overview of RedDatabase 2.5
Overview of RedDatabase 2.5Overview of RedDatabase 2.5
Overview of RedDatabase 2.5
 
11thingsabout11g 12659705398222 Phpapp01
11thingsabout11g 12659705398222 Phpapp0111thingsabout11g 12659705398222 Phpapp01
11thingsabout11g 12659705398222 Phpapp01
 
11 Things About11g
11 Things About11g11 Things About11g
11 Things About11g
 
2011 Collaborate IOUG Presentation
2011 Collaborate IOUG Presentation2011 Collaborate IOUG Presentation
2011 Collaborate IOUG Presentation
 
Vault_KT.pptx
Vault_KT.pptxVault_KT.pptx
Vault_KT.pptx
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
 

Recently uploaded

modular-kitchen home plan civil engineering.pdf
modular-kitchen home plan civil engineering.pdfmodular-kitchen home plan civil engineering.pdf
modular-kitchen home plan civil engineering.pdf
RashmitaSwain3
 
欧洲杯足彩-欧洲杯足彩比赛投注-欧洲杯足彩比赛投注官网|【​网址​🎉ac10.net🎉​】
欧洲杯足彩-欧洲杯足彩比赛投注-欧洲杯足彩比赛投注官网|【​网址​🎉ac10.net🎉​】欧洲杯足彩-欧洲杯足彩比赛投注-欧洲杯足彩比赛投注官网|【​网址​🎉ac10.net🎉​】
欧洲杯足彩-欧洲杯足彩比赛投注-欧洲杯足彩比赛投注官网|【​网址​🎉ac10.net🎉​】
bljeremy734
 
Intel-Centrino-Mobile-Technology-guidelines
Intel-Centrino-Mobile-Technology-guidelinesIntel-Centrino-Mobile-Technology-guidelines
Intel-Centrino-Mobile-Technology-guidelines
EricHo305923
 
一比一原版美国加州大学欧文分校毕业证(UCI学位证)如何办理
Odv oracle customer_demo

  • 1. 18-May-2016 ODV - Oracle Database Vault Gino D’ Alfonso / Harry Goossens
  • 2. Program / Agenda • Overview • Securing Data using Database Vault • Auditing • Exports and Backups
  • 3. Overview: What is Oracle Database Vault?
      • Oracle Database Vault (ODV) was introduced in Oracle 9iR2.
      • ODV restricts access to specific areas in an Oracle database from any user.
      • Enables you to apply access control to sensitive data.
      • Protects data from super-privileged users (like the DBA) but still lets them maintain the Oracle database.
  • 4. Overview: Why Oracle Database Vault?
      • Systems with integrity, confidentiality = 3 (IV=3).
      • Separation of duties.
      • Internal control.
      • Reasons like BASEL, SOX, PCI, DSS
      • Don’t trust the DBA
  • 6. Overview
      • Virtual Private Database (VPD): restricts access to certain rows for a user by modifying the WHERE clause.
      • Oracle Label Security (OLS): mediates access to a given row, based on the label on the row and the security level of the user.
      • VPD and OLS restrict access at the row level, whereas Oracle Database Vault restricts access at the object and command levels.
      • Transparent Data Encryption (TDE): out of the box, TDE provides (strong) encryption for the database.
      ODV can be integrated with VPD, OLS and TDE.
  • 7. Program / Agenda • Securing Data using Database Vault
  • 8. Securing Data
      Realms (areas):
      Functional grouping of database schemas, objects, and roles that need to be secured.
      (Example: all objects from SCOTT belong to realm RLM_SCOTT)
      Command rules:
      A special rule that you can create to control how users can execute almost any SQL statement, including SELECT, ALTER SYSTEM, database definition language (DDL), and data manipulation language (DML) statements.
      (Example: SELECT on SCOTT objects)
  • 9. Securing Data
      Factors:
      A named variable or attribute, such as a user location, database IP address, or session user, which Oracle Database Vault can recognize and secure.
      (Example: FAC_HOSTNAME => ‘hostname=‘exdb4002-adm’)
      Rule sets:
      A collection of one or more rules that you can associate with a realm authorization, command rule, factor assignment, or secure application role.
      (Example: RST_IS_LASTDAYOFMONTH)
      Rules:
      Like “WHERE department = [whatever]”
      (Example: RUL_DBUSER_ISNOT_GOOSSENSHFM)
  • 11. Securing Data
      connect / as sysdba
      create user harry identified by ********;
      grant dba to harry;
      connect harry
      select * from owner_dbt.emp;
  • 14. Securing Data
      The key to Separation of Duties is that no single ROLE can do everything.
      • The DV_OWNER role can only do data security.
      • The DV_ACCTMGR role can only create/drop users.
      A DBA role can do anything EXCEPT data security and create/drop users, and is subject to any data security set up by the DV_OWNER role.
      By default Rabobank does not separate data and user administration. Both roles (DV_OWNER and DV_ACCTMGR) are granted to the same user.
  • 15. Securing Data
      $ sqlplus system/********
      SQL*Plus: Release 11.2.0.4.0 Production on Tue Apr 26 14:27:23 2016
      Copyright (c) 1982, 2013, Oracle. All rights reserved.
      Connected to:
      Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
      With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
      OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
      SYSTEM@OLTB7_1 SQL> SELECT * FROM owner_dbt.emp;
      EMPNO ENAME  JOB     MGR  HIREDATE            SAL  COMM DEPTNO
      ----- ------ ------- ---- ------------------- ---- ---- ------
      7369  SMITH  CLERK   7902 14-12-2013:00:00:00 800       20
      ….
      7902  FORD   ANALYST 7566 30-11-2014:00:00:00 3000      20
      7934  MILLER CLERK   7782 20-01-2015:00:00:00 1300      10
      14 rows selected.
      SYSTEM@OLTB7_1 SQL>
  • 17. Securing Data
      $ sqlplus system
      SQL*Plus: Release 11.2.0.4.0 Production on Tue Apr 26 14:58:07 2016
      Copyright (c) 1982, 2013, Oracle. All rights reserved.
      Connected to:
      Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
      With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
      OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
      SYSTEM@OLTB7_1 SQL> select * from owner_dbt.emp;
      select * from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
      SYSTEM@OLTB7_1 SQL> select * from owner_dbt.dept;
      DEPTNO DNAME      LOC
      ------ ---------- --------
      10     ACCOUNTING NEW YORK
      …
      40     OPERATIONS BOSTON
      SYSTEM@OLTB7_1 SQL>
  • 18. Securing Data
      [Diagram] OWNER_DBT. Application user: the application server connects to the database as user user_app_dbt. Support users: support users connect with individual accounts with read-only access (user_dbt).
  • 19. Securing Data
      [Diagram] OWNER_DBT (all objects): grant select, insert, update, delete to user_app_dbt; grant select to owner_dbt_ro_role; grant role to user_dbt.
  • 20. Securing Data
      To create the app user we need the special security account with the dv_acctmgr role
      SYSTEM@OLTB7_1 SQL> create user user_app_dbt identified by ******* default tablespace users;
      create user user_app_dbt identified by ******** default tablespace users
      *
      ERROR at line 1:
      ORA-47306: 20006: No way Jose
      SYSTEM@OLTB7_1 SQL> connect owner_dvt
      Connected.
      OWNER_DVT@OLTB7_1 SQL> create user user_app_dbt identified by ******** default tablespace users;
      User created.
      OWNER_DVT@OLTB7_1 SQL> grant connect to user_app_dbt;
      Grant succeeded.
      OWNER_DVT@OLTB7_1 SQL>
  • 21. Securing Data
      Create the RO user and create RO role
      OWNER_DVT@OLTB7_1 SQL> create user user_dbt identified by ******** default tablespace users;
      User created.
      OWNER_DVT@OLTB7_1 SQL> grant connect to user_dbt;
      Grant succeeded.
      OWNER_DVT@OLTB7_1 SQL>
      SYSTEM@OLTB7_1 SQL> create role owner_dbt_ro_role;
      Role created.
      SYSTEM@OLTB7_1 SQL> grant owner_dbt_ro_role to user_dbt;
      Grant succeeded.
      SYSTEM@OLTB7_1 SQL>
  • 22. Securing Data
      $ sqlplus owner_dbt/********
      SQL*Plus: Release 11.2.0.4.0 Production on Tue Apr 26 17:37:16 2016
      Copyright (c) 1982, 2013, Oracle. All rights reserved.
      Connected to:
      Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
      With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
      OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
      OWNER_DBT@OLTB7_1 SQL> grant select, insert, update, delete on emp to user_app_dbt;
      Grant succeeded.
      OWNER_DBT@OLTB7_1 SQL> grant select on emp to owner_dbt_ro_role;
      Grant succeeded.
      OWNER_DBT@OLTB7_1 SQL>
  • 23. Securing Data
      [Diagram] OWNER_DBT (all objects): grant select, insert, update, delete to user_app_dbt; grant select to owner_dbt_ro_role; grant role to user_dbt.
  • 24. Securing Data
      USER_DBT@OLTB7_1 SQL> connect user_dbt/********
      Connected.
      USER_DBT@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
      COUNT(*)
      ----------
      14
      USER_DBT@OLTB7_1 SQL> delete from owner_dbt.emp;
      delete from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
      READ access granted through “owner_dbt_ro_role”, delete not permitted
  • 25. Securing Data
      SYS@OLTB7_1 SQL> connect user_app_dbt/********
      Connected.
      USER_APP_DBT@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
      COUNT(*)
      ----------
      14
      USER_APP_DBT@OLTB7_1 SQL> delete from owner_dbt.emp;
      14 rows deleted.
      USER_APP_DBT@OLTB7_1 SQL> rollback;
      Rollback complete.
      USER_APP_DBT@OLTB7_1 SQL>
      READ, WRITE, DELETE and UPDATE access granted through “GRANT”
  • 26. Securing Data
      SYSTEM@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
      COUNT(*)
      ----------
      14
      SYSTEM@OLTB7_1 SQL> delete from owner_dbt.emp;
      delete from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
      What the heck is going on, SYSTEM can still SELECT from OWNER_DBT.EMP?
      SYSTEM@OLTB7_1 SQL> select * from session_roles where role like 'OWNER%';
      ROLE
      -----------------
      OWNER_DBT_RO_ROLE
  • 27. Securing Data
      The role was created by SYSTEM and is therefore also granted to SYSTEM. There is a nice solution for this, but we keep it simple for now.
      SYSTEM@OLTB7_1 SQL> drop role owner_dbt_ro_role;
      Role dropped.
      SYSTEM@OLTB7_1 SQL> connect owner_dbt/********
      Connected.
      OWNER_DBT@OLTB7_1 SQL> grant select on emp to user_dbt;
      Grant succeeded.
      OWNER_DBT@OLTB7_1 SQL> connect system/********
      Connected.
      SYSTEM@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
      select count(*) from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
      SYSTEM@OLTB7_1 SQL> delete from owner_dbt.emp;
      delete from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
  • 28. Securing Data
      $ sqlplus / as sysdba
      SQL*Plus: Release 11.2.0.4.0 Production on Thu Apr 28 10:39:25 2016
      Copyright (c) 1982, 2013, Oracle. All rights reserved.
      Connected to:
      Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
      With the Partitioning, Real Application Clusters, Automatic Storage Management, Oracle Label Security,
      OLAP, Data Mining, Oracle Database Vault and Real Application Testing options
      SYS@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
      select count(*) from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
      SYS@OLTB7_1 SQL> delete from owner_dbt.emp;
      delete from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
  • 29. Securing Data
      SYS@OLTB7_1 SQL> connect user_dbt/********
      Connected.
      USER_DBT@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
      COUNT(*)
      ----------
      14
      USER_DBT@OLTB7_1 SQL> delete from owner_dbt.emp;
      delete from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-01031: insufficient privileges
  • 30. Securing Data
      USER_DBT@OLTB7_1 SQL> connect owner_dvt/********
      Connected.
      OWNER_DVT@OLTB7_1 SQL> select count(*) from owner_dbt.emp;
      select count(*) from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-00942: table or view does not exist
      OWNER_DVT@OLTB7_1 SQL> delete from owner_dbt.emp;
      delete from owner_dbt.emp
      *
      ERROR at line 1:
      ORA-00942: table or view does not exist
  • 32. Auditing
      All actions (failed and/or succeeded) are logged within the database.
  • 33. Auditing
      A trigger on audit table makes sure all violations are also written to OS (root)
      Apr 28 09:44:52 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:09:44:52 fname=3433240261 deviceProcessName=DELETE FROM OWNER_DBT.EMP duser=SYSTEM suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
      Apr 28 10:11:59 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:11:59 fname=3433240261 deviceProcessName=SELECT COUNT(*) FROM OWNER_DBT.EMP duser=SYSTEM suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
      Apr 28 10:12:08 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:12:08 fname=3433240261 deviceProcessName=DELETE FROM OWNER_DBT.EMP duser=SYSTEM suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
      Apr 28 10:39:34 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:39:34 fname=3433240261 deviceProcessName=SELECT COUNT(*) FROM OWNER_DBT.EMP duser=SYS suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
      Apr 28 10:39:39 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:39:39 fname=3433240261 deviceProcessName=DELETE FROM OWNER_DBT.EMP duser=SYS suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
      Apr 28 10:52:25 exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|Realm Violation Audit|10|rt=28-04-2016:10:52:25 fname=3433240261 deviceProcessName=SELECT "OWNER_DBT"."EMP".* FROM "OWNER_DBT"."EMP" duser=SYSTEM suser=goossenshfm cs1=on_fail cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT cs3Label=action_object_name
      [root@exdb1003-adm oracle_audit]#
  • 35. Backups
      Impact of Backups
      • Export
      • Data Pump
      • RMAN
  • 36. Backups
      Export
      ….
      . about to export OWNER_DBT's tables via Conventional Path ...
      . . exporting table AAP 0 rows exported
      . . exporting table BONUS 0 rows exported
      . . exporting table DEPT 4 rows exported
      EXP-00091: Exporting questionable statistics.
      . . exporting table DUMMY 1 rows exported
      EXP-00091: Exporting questionable statistics.
      . . exporting table EMP
      EXP-00056: ORACLE error 1031 encountered
      ORA-01031: insufficient privileges
      . . exporting table MIES 0 rows exported
      . . exporting table NOOT 0 rows exported
      . . exporting table SALARY 2 rows exported
      EXP-00091: Exporting questionable statistics.
      . . exporting table SALGRADE 5 rows exported
      EXP-00091: Exporting questionable statistics.
      ……
  • 37. Securing Data
      Data Pump
      ….
      Processing object type SCHEMA_EXPORT/POST_SCHEMA/PROCACT_SCHEMA
      ORA-31693: Table data object "OWNER_DBT"."DEPT" failed to load/unload and is being skipped due to error:
      ORA-02354: error in exporting/importing data
      ORA-28116: insufficient privileges to do direct path access
      ORA-31693: Table data object "OWNER_DBT"."DUMMY" failed to load/unload and is being skipped due to error:
      ORA-02354: error in exporting/importing data
      ORA-28116: insufficient privileges to do direct path access
      ORA-31693: Table data object "OWNER_DBT"."EMP" failed to load/unload and is being skipped due to error:
      ORA-02354: error in exporting/importing data
      ORA-28116: insufficient privileges to do direct path access
      ORA-31693: Table data object "OWNER_DBT"."SALARY" failed to load/unload and is being skipped due to error:
      ORA-02354: error in exporting/importing data
      ORA-28116: insufficient privileges to do direct path access
      ORA-31693: Table data object "OWNER_DBT"."SALGRADE" failed to load/unload and is being skipped due to error:
      ORA-02354: error in exporting/importing data
      ORA-28116: insufficient privileges to do direct path access
      ….
  • 38. Backups
      RMAN
      • Requires SYSDBA access
      • May need to hardcode SYS password or use wallet
      • Works successfully
  • 39. Backups
      • EXP/EXPDP need privileges from REALM owner. Export files are non-secured.
      • RMAN backups are block based and recoverable within another database (clone/duplicate)
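The realm-violation entries written to syslog on slide 33 are in CEF, so they can be parsed and counted per database user to see which privileged accounts are hitting the realm. The following is an added example, not part of the original slides: the function names and the PRIVILEGED set are assumptions, the first three sample lines reproduce entries from the slide, and the last two are constructed.

```python
import re
from collections import Counter
from datetime import datetime

PRIVILEGED = {"SYS", "SYSTEM"}          # assumption: accounts treated as super-privileged
KEY_RE = re.compile(r"(?:^|\s)(\w+)=")  # CEF escapes "=" in values as "\=", which never matches

def parse_cef(line):
    """Parse one syslog line carrying a CEF record; return None for anything else."""
    start = line.find("CEF:")
    if start < 0:
        return None
    parts = re.split(r"(?<!\\)\|", line[start + 4:], maxsplit=7)
    if len(parts) != 8:
        return None
    ext, keys = parts[7], list(KEY_RE.finditer(parts[7]))
    ev = {"name": parts[5], "severity": int(parts[6])}
    for i, m in enumerate(keys):            # a value runs up to the next " key="
        end = keys[i + 1].start() if i + 1 < len(keys) else len(ext)
        ev[m.group(1)] = ext[m.end():end].strip().replace("\\=", "=")
    for label in [k for k in ev if re.fullmatch(r"cs\d+Label", k)]:
        ev[ev[label]] = ev.get(label[:-5], "")   # cs3/cs3Label -> action_object_name
    if "rt" in ev:
        ev["time"] = datetime.strptime(ev["rt"], "%d-%m-%Y:%H:%M:%S")
    return ev

def realm_violations(lines):
    """Count realm violations per (database user, realm, SQL verb)."""
    counts = Counter()
    for ev in filter(None, map(parse_cef, lines)):
        if ev["name"] == "Realm Violation Audit":
            verb = ev.get("deviceProcessName", "").split(" ", 1)[0].upper()
            counts[(ev.get("duser"), ev.get("action_object_name"), verb)] += 1
    return counts

def privileged_hits(lines):
    """Violations attempted by accounts in PRIVILEGED."""
    return {k: n for k, n in realm_violations(lines).items() if k[0] in PRIVILEGED}

def _line(ts, stmt, duser):
    # Rebuilds the syslog/CEF layout shown on slide 33
    return (f"Apr 28 {ts} exdb1003-adm goossenshfm: CEF:0|ORACLE|database vault|1.0|001|"
            f"Realm Violation Audit|10|rt=28-04-2016:{ts} fname=3433240261 "
            f"deviceProcessName={stmt} duser={duser} suser=goossenshfm cs1=on_fail "
            "cs1Label=audit_option cs2= cs2Label=rule_set_name cs3=RLM_OWNER_DBT "
            "cs3Label=action_object_name")

SAMPLE = [
    _line("09:44:52", "DELETE FROM OWNER_DBT.EMP", "SYSTEM"),        # from the slide
    _line("10:12:08", "DELETE FROM OWNER_DBT.EMP", "SYSTEM"),        # from the slide
    _line("10:39:34", "SELECT COUNT(*) FROM OWNER_DBT.EMP", "SYS"),  # from the slide
    # constructed: hypothetical user APP_BATCH, statement containing an escaped "="
    _line("11:00:00", "DELETE FROM OWNER_DBT.EMP WHERE DEPTNO\\=10", "APP_BATCH"),
    "Apr 28 11:00:05 exdb1003-adm sshd[4242]: session opened",       # constructed, not CEF
]

if __name__ == "__main__":
    for key, n in sorted(privileged_hits(SAMPLE).items()):
        print(n, *key)
```

The empty `cs2=` field (no rule set attached to the realm) and SQL text containing spaces are the two cases a naive whitespace split gets wrong; the parser handles both by cutting each value at the next ` key=`.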