Sign in
|
Register
|
Mobile
Home
Browse
About us
Help/FAQ
Advanced search
Home
>
Browse
>
Applied Oracle Security: Developing Secure Database and Middleware Environments
CITATION
Knox, David;
Gaetjen, Scott;
Jahangir, Hamza;
Muth, Tyler;
Sack, Patrick;
Wark, Richard; and
Wise, Bryan
.
Applied Oracle Security: Developing Secure Database and Middleware Environments
.
US
: McGraw-Hill Osborne Media, 2009.
Add to Favorites
Email to a Friend
Download Citation
Applied Oracle Security: Developing Secure Database and Middleware Environments
Authors:
David Knox
,
Scott Gaetjen
,
Hamza Jahangir
,
Tyler Muth
,
Patrick Sack
,
Richard Wark
and
Bryan Wise
Published:
September 2009
eISBN:
9780071613712 0071613714
|
ISBN:
9780071613705
Open eBook
Book Description
Table of Contents
Contents
Foreword
Acknowledgments
Part I: Oracle Database Security New Features
1 Security Blueprints and New Thinking
About This Book
Database Security Today
Security Motivators
Modeling Secure Schemas
Getting Started
Summary
2 Transparent Data Encryption
Encryption 101
Encrypting Data Stored in the Database
The Transparent Data Encryption Solution
Tablespace Encryption: New with Oracle 11g
Oracle 11g Configuration
Summary
3 Applied Auditing and Audit Vault
An Era of Governance
Auditing for Nonsecurity Reasons
The Audit Data Warehouse
What to Audit and When to Audit
The Audit Warehouse Becomes the Audit Vault
Installation Options
Summary
Part II: Oracle Database Vault
4 Database Vault Introduction
The Security Gap
Database Vault Components
Installing Oracle Database Vault
Summary: Database Vault Is Differentiating Security
5 Database Vault Fundamentals
Realms
Command Rules
Rule Sets
Factors
DBV Secure Application Roles
Summary
6 Applied Database Vault for Custom Applications
Notional Database Applications Environment
From Requirements to Security Profile Design
Requirements Technique: Use Cases and Scenarios
Identify Coarse-Grained Security Profile
Identify Fine-Grained Security Profile
Identify DBV Factors Based on Business or System Conditions
Identify DBV Realms and Realm Objects Based on Objects
Identify Accounts, Roles, and DBV Realm Authorizations from Use Case Actors
Establish DBV Command Rules from Conditions
Establish DBV Secure Application Roles from Conditions
Summary
7 Applied Database Vault for Existing Applications
Audit Capture Preparation
Capturing Audits
Analyzing the Audit Trail
Integrating DBV with Oracle Database Features
Advanced Monitoring and Alerting with a DBV Database
Summary
Part III: Identity Management
8 Architecting Identity Management
Understanding the Problem with Identity Management
Architecting Identity Management
Oracle Identity Management Solutions
Summary
9 Oracle Identity Manager
The User Provisioning Challenge
Oracle Identity Manager Overview
User Provisioning Processes
User Provisioning Integrations
Reconciliation Integrations
Compliance Solutions
OIM Deployment
Summary
10 Oracle Directory Services
Identity Management and the LDAP Directory
Oracle Internet Directory
Directory Virtualization and Oracle Virtual Directory
OVD Applied
Summary
Part IV: Applied Security for Oracle APEX and Oracle Business Intelligence
11 Web-centric Security in APEX
Introduction to the APEX Environment
Securing an APEX Instance
Protecting the APEX Database Schemas
Summary
12 Secure Coding Practices in APEX
Authentication and Authorization
SQL Injection
Cross-site Scripting
Leveraging Database Security Features
Summary
13 Securing Access to Oracle BI
The Challenge in Securing BI
What Needs To Be Secured
Mechanics of Accessing Data with Oracle BI
Authentication and Authorization
Single Sign-On
Deploying in a Secure Environment
Securing the BI Cache
Public-facing Applications
Summary
14 Securing Oracle BI Content and Data
Securing Web Catalog Content
Conveying Identity to the Database
Securing Data Presented by Oracle BI
Oracle BI and Database Vault
Auditing
BI Features with Security Implications
Summary
A: Using the Oracle BI Examples
Users and Groups
Database Preparations
Database Auditing
Database Scripts
Oracle BI Setup
Credential Store
BI Publisher Superuser
Other BI Publisher Configuration Steps
Sample BI Publisher Report
Scheduler Configuration
Usage Tracking
Recommend Testing
Oracle BI Tests
BI Publisher Tests
Oracle Delivers Tests
Sample Web Catalog Description
SH Dashboard
Utilities Dashboard
Other Dashboards
Sample RPD Descriptions
Common to All RPDs
Internal Authentication
Internal Authentication with Act as Proxy Enabled
Column-based Security
Table-based Authentication
Database Authentication
LDAP Authentication
SSO Integration
Summary
Index
