SlideShare a Scribd company logo

security in oracle database

S
ssuser40bb47

breif description about masking and lable security and auditing

Education
1 of 23
Download to read offline
Database security class presentation Providers: Zahra Taghipoor kolaei Seyyedeh Fatemeh Mousazadeh Mousavi Professor: Dr.Sadegh Dorri Nogoorani winter 2022 Security in oracle 1
Oracle database 1 2
About oracle ◉ Relational database ◉ ORDBMS ◉ SQL Based 3
Security 2 4
About Oracle Database security Oracle Label Security secures database tables at the row level, allowing you to filter user access to row data based on privileges. Real Application Security Administration Console (RASADM) lets you create Real Application Security data security policies using a graphical user interface. Enterprise User Security addresses user, administrative, and security challenges by relying on the identity management services supplied by Oracle Internet Directory, an LDAP-compliant directory service. 5 Transparent Data Encryption enables you to encrypt data so that only an authorized recipient can read it. Oracle Data Redaction enables you to redact (mask) column data using several redaction types. Data Masking and Subsetting process of replacing sensitive data with fictitious yet realistic looking data and process of downsizing either by discarding or extracting data
continue Key Vault enables you to accelerate security and encryption deployments by centrally managing encryption keys, Oracle wallets, Java keystores, and credential files. Oracle Audit Vault and Database Firewall provides a comprehensive Database Activity Monitoring (DAM) solution that combines database audit logs with SQL traffic capture. 6 Database Assessment Tools Identify database configuration, operation, or implementation introduces risk. Database Vault restrict access to application data by privileged database users. Reducing the risk of insider and outside threats.
Oracle Lable Security 3 7
About Oracle Label Security ◉ controls the display of individual table rows using labels ◉ works by comparing the row label with a user's label authorizations to enable you to easily restrict sensitive information to only authorized users ◉ based on multi-level security (MLS) requirements ◉ installed by default, but not automatically enabled 8
Benefits of Oracle Label Security ◉ It enables row level data classification and provides out-of-the box access mediation based on the data classification and the user label authorization or security clearance. ◉ It enables you to assign label authorizations or security clearances to both database users and application users. ◉ It provides both APIs and a graphical user interface for defining and storing data classification labels and user label authorizations. ◉ It integrates with Oracle Database Vault and Oracle Advanced Security Data Redaction, enabling security clearances to be use in both Database Vault command rules and Data Redaction policy definitions. 9
Components of Oracle Label Security ◉ Labels: authorizations for users and program units, govern access to specified protected objects • Levels: indicate the type of sensitivity that you want to assign to the row • Compartments: represent the projects in this example that help define more precise access controls • Groups: identify organizations owning or accessing the data ◉ Policy: name associated with these labels, rules, authorizations, and protected tables 10
Oracle Label Security Architecture 11
Data Masking and Subsetting 4 12
The Need to Mask and Subset data ◉ Limit sensitive data proliferation ◉ Share what is necessary ◉ Comply with data privacy laws and standards ◉ Minimize storage costs 13
Major Components of Oracle Data Masking and Subsetting ◉ Application Data Modeling ◉ Data Masking Format Library ◉ Data Masking Transformations ◉ Data Subsetting ◉ Application Templates 14
Architecture 15
Deployment Options ◉ In-Database mode ◉ In-Export mode ◉ Heterogeneous mode 16
Methodology 17
Auditting database activities 5 18
What is Auditing ◉ the monitoring and recording of selected user database actions, from both database users and nondatabase users ◉ The actions that you audit are recorded in either data dictionary tables or in operating system files 19
Why is Auditing Used ◉ Enable accountability for actions ◉ Investigate suspicious activity ◉ Notify an auditor of the actions of an unauthorized user ◉ Monitor and gather data about specific database activities ◉ Detect problems with an authorization or access control implementation 20
Types of Auditing Unified and Conditional Auditing ➢ Audit data managed using the built- in audit data management package within the database ➢ The AUDIT_ADMIN and AUDIT_VIEWER roles provides separation of duty ➢ Oracle audit vault and database firewall is integrated with this Traditional Database Auditing ➢ Prevent overhead on the source database system ➢ Be written to the operating system files as this configuration 21
references 1) https://docs.oracle.com/en/database/oracle/oracle-database/21/ 2) https://docs.oracle.com/cd/E11882_01/network.112/e36292/intro.ht m#DBSEG001 22
Any questions ? You can find us at ◉ zahrataghipoor75@gmail.com ◉ sfmousazadeh99@gmail.com Thanks! 23

Recommended

Auditing security of Oracle DB (Karel Miko)
Auditing security of Oracle DB (Karel Miko)Auditing security of Oracle DB (Karel Miko)
Auditing security of Oracle DB (Karel Miko)DCIT, a.s.
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 
8 isecurity database
8 isecurity database8 isecurity database
8 isecurity databaseAnil Pandey
 
Database security issues
Database security issuesDatabase security issues
Database security issuesn|u - The Open Security Community
 
Database security
Database securityDatabase security
Database securitykeerthusandeepreddy
 
Database Security
Database SecurityDatabase Security
Database SecurityShingalaKrupa
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networksG Prachi
 
Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Naveena N
 

Recommended

Auditing security of Oracle DB (Karel Miko)
Auditing security of Oracle DB (Karel Miko)Auditing security of Oracle DB (Karel Miko)
Auditing security of Oracle DB (Karel Miko)DCIT, a.s.
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 
8 isecurity database
8 isecurity database8 isecurity database
8 isecurity databaseAnil Pandey
 
Database security issues
Database security issuesDatabase security issues
Database security issuesn|u - The Open Security Community
 
Database security
Database securityDatabase security
Database securitykeerthusandeepreddy
 
Database Security
Database SecurityDatabase Security
Database SecurityShingalaKrupa
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networksG Prachi
 
Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Naveena N
 
Security of the database
Security of the databaseSecurity of the database
Security of the databasePratik Tamgadge
 
DBMS SECURITY
DBMS SECURITYDBMS SECURITY
DBMS SECURITYWasim Raza
 
Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...Hamish Brocklebank
 
Database security
Database securityDatabase security
Database securityArpana shree
 
Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”Christophe Guéret
 
Scalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data PortalScalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data PortalGlobus
 
HEBE Platform Technology
HEBE Platform TechnologyHEBE Platform Technology
HEBE Platform TechnologyAlex G. Lee, Ph.D. Esq. CLP
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...InSync2011
 
Oracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guideOracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guidebupbechanhgmail
 
Data base security & integrity
Data base security & integrityData base security & integrity
Data base security & integrityPooja Dixit
 
Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...Olav Tvedt
 
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CloudIDSummit
 
Database Security And Authentication
Database Security And AuthenticationDatabase Security And Authentication
Database Security And AuthenticationSudeb Das
 
Hasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solutionHasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solutionIMPULSE_TECHNOLOGY
 
Privacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-basedPrivacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-basedNagamalleswararao Tadikonda
 
Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Prosanta Ghosh
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql databasegourav kottawar
 
Database Security & Encryption
Database Security & EncryptionDatabase Security & Encryption
Database Security & EncryptionTech Sanhita
 
Case Study for Ego-centric Citation Network
Case Study for Ego-centric Citation NetworkCase Study for Ego-centric Citation Network
Case Study for Ego-centric Citation NetworkMike Taylor
 
My sql and oracle difference
My sql and oracle difference My sql and oracle difference
My sql and oracle difference manisha1110
 
Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and complianceFITSFSd
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentationstefanjung
 

More Related Content

What's hot

Security of the database
Security of the databaseSecurity of the database
Security of the databasePratik Tamgadge
 
Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...Hamish Brocklebank
 
Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”Christophe Guéret
 
Scalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data PortalScalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data PortalGlobus
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...InSync2011
 
Oracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guideOracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guidebupbechanhgmail
 
Data base security & integrity
Data base security & integrityData base security & integrity
Data base security & integrityPooja Dixit
 
Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...Olav Tvedt
 
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CloudIDSummit
 
Database Security And Authentication
Database Security And AuthenticationDatabase Security And Authentication
Database Security And AuthenticationSudeb Das
 
Hasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solutionHasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solutionIMPULSE_TECHNOLOGY
 
Privacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-basedPrivacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-basedNagamalleswararao Tadikonda
 
Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Prosanta Ghosh
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql databasegourav kottawar
 
Database Security & Encryption
Database Security & EncryptionDatabase Security & Encryption
Database Security & EncryptionTech Sanhita
 
Case Study for Ego-centric Citation Network
Case Study for Ego-centric Citation NetworkCase Study for Ego-centric Citation Network
Case Study for Ego-centric Citation NetworkMike Taylor
 
My sql and oracle difference
My sql and oracle difference My sql and oracle difference
My sql and oracle difference manisha1110
 

What's hot (20)

Security of the database
Security of the databaseSecurity of the database
Security of the database
 
DBMS SECURITY
DBMS SECURITYDBMS SECURITY
DBMS SECURITY
 
Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...Data sheet workshare data security, policy enforcement, and data center arc...
Data sheet workshare data security, policy enforcement, and data center arc...
 
Database security
Database securityDatabase security
Database security
 
Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”Decentralised entity registry “WikiReg”
Decentralised entity registry “WikiReg”
 
Scalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data PortalScalable Data Management: Automation and the Modern Research Data Portal
Scalable Data Management: Automation and the Modern Research Data Portal
 
HEBE Platform Technology
HEBE Platform TechnologyHEBE Platform Technology
HEBE Platform Technology
 
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
Database & Technology 1 _ Barbara Rabinowicz _ Database Security Methoda and ...
 
Oracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guideOracle database 12c 2 day + security guide
Oracle database 12c 2 day + security guide
 
Data base security & integrity
Data base security & integrityData base security & integrity
Data base security & integrity
 
Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...Brk30010 - With so many different ways to secure data across the Office 365 p...
Brk30010 - With so many different ways to secure data across the Office 365 p...
 
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
CIS14: Is the Cloud Ready for Enterprise Identity and Security Requirements?
 
Database Security And Authentication
Database Security And AuthenticationDatabase Security And Authentication
Database Security And Authentication
 
Hasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solutionHasbe a hierarchical attribute based solution
Hasbe a hierarchical attribute based solution
 
Privacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-basedPrivacy preserving public auditing for regenerating-code-based
Privacy preserving public auditing for regenerating-code-based
 
Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013Dbms ii mca-ch12-security-2013
Dbms ii mca-ch12-security-2013
 
security and privacy in dbms and in sql database
security and privacy in dbms and in sql databasesecurity and privacy in dbms and in sql database
security and privacy in dbms and in sql database
 
Database Security & Encryption
Database Security & EncryptionDatabase Security & Encryption
Database Security & Encryption
 
Case Study for Ego-centric Citation Network
Case Study for Ego-centric Citation NetworkCase Study for Ego-centric Citation Network
Case Study for Ego-centric Citation Network
 
My sql and oracle difference
My sql and oracle difference My sql and oracle difference
My sql and oracle difference
 

Similar to security in oracle database

Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and complianceFITSFSd
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentationstefanjung
 
ppt-security-dbsat-222-overview-nodemo.pdf
ppt-security-dbsat-222-overview-nodemo.pdfppt-security-dbsat-222-overview-nodemo.pdf
ppt-security-dbsat-222-overview-nodemo.pdfcamyla81
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database SecurityTroy Kitch
 
Creating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres DatabaseCreating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres DatabaseEDB
 
Database Security – Issues and Best PracticesOutline
Database Security – Issues and Best PracticesOutlineDatabase Security – Issues and Best PracticesOutline
Database Security – Issues and Best PracticesOutlineOllieShoresna
 
8.1.6 newsecurity features
8.1.6 newsecurity features8.1.6 newsecurity features
8.1.6 newsecurity featuresAnil Pandey
 
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdfThe Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdfDomain News Tech
 
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloudNag Nani
 
A robust and verifiable threshold multi authority access control system in pu...
A robust and verifiable threshold multi authority access control system in pu...A robust and verifiable threshold multi authority access control system in pu...
A robust and verifiable threshold multi authority access control system in pu...IJARIIT
 
5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_securityDoina Draganescu
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptxmissionsk81
 
How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...Anar Godjaev
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cTroy Kitch
 
Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Maximiliano Accotto
 
Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Maximiliano Accotto
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingDLT Solutions
 
PCI Compliance: How to Remain Compliant and Gain Near Real-Time Analytics on ...
PCI Compliance: How to Remain Compliant and Gain Near Real-Time Analytics on ...PCI Compliance: How to Remain Compliant and Gain Near Real-Time Analytics on ...
PCI Compliance: How to Remain Compliant and Gain Near Real-Time Analytics on ...Emtec Inc.
 

Similar to security in oracle database (20)

Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and compliance
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentation
 
ppt-security-dbsat-222-overview-nodemo.pdf
ppt-security-dbsat-222-overview-nodemo.pdfppt-security-dbsat-222-overview-nodemo.pdf
ppt-security-dbsat-222-overview-nodemo.pdf
 
Oracle Database Security
Oracle Database SecurityOracle Database Security
Oracle Database Security
 
Creating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres DatabaseCreating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres Database
 
Wp security-data-safe
Wp security-data-safeWp security-data-safe
Wp security-data-safe
 
Database Security – Issues and Best PracticesOutline
Database Security – Issues and Best PracticesOutlineDatabase Security – Issues and Best PracticesOutline
Database Security – Issues and Best PracticesOutline
 
8.1.6 newsecurity features
8.1.6 newsecurity features8.1.6 newsecurity features
8.1.6 newsecurity features
 
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdfThe Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
 
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
111906665 ensuring-distributed-accountability-for-data-sharing-in-the-cloud
 
A robust and verifiable threshold multi authority access control system in pu...
A robust and verifiable threshold multi authority access control system in pu...A robust and verifiable threshold multi authority access control system in pu...
A robust and verifiable threshold multi authority access control system in pu...
 
5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security
 
Database Options
Database OptionsDatabase Options
Database Options
 
MobileDBSecurity.pptx
MobileDBSecurity.pptxMobileDBSecurity.pptx
MobileDBSecurity.pptx
 
How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...How to protect your sensitive data using oracle database vault / Creating and...
How to protect your sensitive data using oracle database vault / Creating and...
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
 
Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017
 
Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017Seguridad en sql server 2016 y 2017
Seguridad en sql server 2016 y 2017
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and Masking
 
PCI Compliance: How to Remain Compliant and Gain Near Real-Time Analytics on ...
PCI Compliance: How to Remain Compliant and Gain Near Real-Time Analytics on ...PCI Compliance: How to Remain Compliant and Gain Near Real-Time Analytics on ...
PCI Compliance: How to Remain Compliant and Gain Near Real-Time Analytics on ...
 

Recently uploaded

Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 

Recently uploaded (20)

Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 

security in oracle database

  • 1. Database security class presentation Providers: Zahra Taghipoor kolaei Seyyedeh Fatemeh Mousazadeh Mousavi Professor: Dr.Sadegh Dorri Nogoorani winter 2022 Security in oracle 1
  • 3. About oracle ◉ Relational database ◉ ORDBMS ◉ SQL Based 3
  • 5. About Oracle Database security Oracle Label Security secures database tables at the row level, allowing you to filter user access to row data based on privileges. Real Application Security Administration Console (RASADM) lets you create Real Application Security data security policies using a graphical user interface. Enterprise User Security addresses user, administrative, and security challenges by relying on the identity management services supplied by Oracle Internet Directory, an LDAP-compliant directory service. 5 Transparent Data Encryption enables you to encrypt data so that only an authorized recipient can read it. Oracle Data Redaction enables you to redact (mask) column data using several redaction types. Data Masking and Subsetting process of replacing sensitive data with fictitious yet realistic looking data and process of downsizing either by discarding or extracting data
  • 6. continue Key Vault enables you to accelerate security and encryption deployments by centrally managing encryption keys, Oracle wallets, Java keystores, and credential files. Oracle Audit Vault and Database Firewall provides a comprehensive Database Activity Monitoring (DAM) solution that combines database audit logs with SQL traffic capture. 6 Database Assessment Tools Identify database configuration, operation, or implementation introduces risk. Database Vault restrict access to application data by privileged database users. Reducing the risk of insider and outside threats.
  • 8. About Oracle Label Security ◉ controls the display of individual table rows using labels ◉ works by comparing the row label with a user's label authorizations to enable you to easily restrict sensitive information to only authorized users ◉ based on multi-level security (MLS) requirements ◉ installed by default, but not automatically enabled 8
  • 9. Benefits of Oracle Label Security ◉ It enables row level data classification and provides out-of-the box access mediation based on the data classification and the user label authorization or security clearance. ◉ It enables you to assign label authorizations or security clearances to both database users and application users. ◉ It provides both APIs and a graphical user interface for defining and storing data classification labels and user label authorizations. ◉ It integrates with Oracle Database Vault and Oracle Advanced Security Data Redaction, enabling security clearances to be use in both Database Vault command rules and Data Redaction policy definitions. 9
  • 10. Components of Oracle Label Security ◉ Labels: authorizations for users and program units, govern access to specified protected objects • Levels: indicate the type of sensitivity that you want to assign to the row • Compartments: represent the projects in this example that help define more precise access controls • Groups: identify organizations owning or accessing the data ◉ Policy: name associated with these labels, rules, authorizations, and protected tables 10
  • 11. Oracle Label Security Architecture 11
  • 12. Data Masking and Subsetting 4 12
  • 13. The Need to Mask and Subset data ◉ Limit sensitive data proliferation ◉ Share what is necessary ◉ Comply with data privacy laws and standards ◉ Minimize storage costs 13
  • 14. Major Components of Oracle Data Masking and Subsetting ◉ Application Data Modeling ◉ Data Masking Format Library ◉ Data Masking Transformations ◉ Data Subsetting ◉ Application Templates 14
  • 16. Deployment Options ◉ In-Database mode ◉ In-Export mode ◉ Heterogeneous mode 16
  • 19. What is Auditing ◉ the monitoring and recording of selected user database actions, from both database users and nondatabase users ◉ The actions that you audit are recorded in either data dictionary tables or in operating system files 19
  • 20. Why is Auditing Used ◉ Enable accountability for actions ◉ Investigate suspicious activity ◉ Notify an auditor of the actions of an unauthorized user ◉ Monitor and gather data about specific database activities ◉ Detect problems with an authorization or access control implementation 20
  • 21. Types of Auditing Unified and Conditional Auditing ➢ Audit data managed using the built- in audit data management package within the database ➢ The AUDIT_ADMIN and AUDIT_VIEWER roles provides separation of duty ➢ Oracle audit vault and database firewall is integrated with this Traditional Database Auditing ➢ Prevent overhead on the source database system ➢ Be written to the operating system files as this configuration 21
  • 23. Any questions ? You can find us at ◉ zahrataghipoor75@gmail.com ◉ sfmousazadeh99@gmail.com Thanks! 23