Wednesday, March 6, 2013

Oracle Security Case Study

Does your security procedure protect your data?

In most of the companies , there is access to Email Systems, Intranet , networks and internet , most of these user are using the application that connected to Database ( assume that it's Oracle Database).

By Creating Security Procedure to protect database and what this database contain you create hard environment to deal with  since the three compentents are availability,  integrity and secuirty which mean if you increase the security then integrity will not be on the same level and so on,The Oracle database has several layers of security and provides auditing functionality at each level. most of then mention in Oracle Security Section website.


  • Password management : One of the basic steps to Enforce user to follow the rules such as : password expiration, limit password reuse, limit the number of failed logon attempts, force password complexity, lock and expire database accounts
  •     Database Auditing to monitor user activity.
  •     Fine Grained Auditing to define specific conditions necessary for an audit record to be generated, resulting in a more meaningful audit trail
  •     Database Resource Manager to set resource limits and quotas on the amount of various system resources available to users
  •     Roles to manage object privileges
  •      Oracle Label Security for more sophisticated row level security
  •     Data Encryption to provide an additional layer of protection

Which Kind Of Security Plan you follow , Do you think the Basic Steps to Secure Database will be enough or should someone enable auditing , install database firewall .... when you answer consider that more security means it will be hard to deal with application and environment.

tell me your case about the security ? what you think ?

Thank you 
Osama mustafa  
 

2 comments:

  1. Post is absolutely wonderful! We are full of great information and inspiration both for all you need! In addition, you want to admire the time and effort put in more information you provide to your blog about Oracle Security.

    ReplyDelete
    Replies
    1. Thank you for your Kind word i am trying my best for something i really Love :)

      Delete