Some suggestions for the three major databases

The security construction of Oracle database itself

Generally speaking, Oracle is the most complete database product in the industry in terms of security. Among the international standards for database security, Oracle has passed the tests of 14 standards, more than any other database product and covering the widest range. On C2-level operating systems (such as commercial UNIX and VMS), Oracle not only meets the NCSC C2-level security standard but has also formally passed the NCSC C2 test; on B1-level operating systems it likewise meets the NCSC B1-level standard and has passed the NCSC B1 test.

The main security measures provided by Oracle are as follows:

Identity authentication (Authentication): identifies the individual requesting access.

Confidentiality of data access (Confidentiality): ensures the confidentiality of access to sensitive data.

Data integrity (Integrity): ensures that data is not tampered with.

Authorization: ensures that authorized users can query and modify data.

Access control (Access Control): determines who may access specified data.

Auditing: provides the ability to monitor user behavior.

Privacy: provides privacy for access to sensitive data.

High availability (Availability): ensures that data and systems can provide uninterrupted service.

Delegated administration (Delegated Administration): provides centralized management of user accounts.

The following is a more in-depth discussion of the security measures Oracle provides for the application system itself.


3. Oracle's security field

Profile control

Oracle uses the profile mechanism to manage the resources a session may consume and to enforce security policies for user passwords.

Through profile we can achieve:

What percentage of the system's CPU time can a specific user occupy at most?

How long may a specific user's session remain connected to the database?

How long may a specific user's session stay idle after connecting before the system disconnects it?

After how many incorrect login passwords will the user's account be locked automatically?

What rules must the length and character content of user passwords comply with?

After how many days will the user's password expire automatically and require a new password?

User permission control (Privilege)

Oracle can effectively control user permissions through grant and revoke operations on roles (Role) and privileges (Privilege).

Through permission control we can achieve:

A specific user can only read, but not modify, the table data of another user.

A specific user can only execute a specific set of stored procedures or functions of the Oracle database system.

A specific user can have the authority to modify certain data, but cannot grant that authority to other users who do not have it.

A specific user can read data but cannot create new tablespaces.
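The following is an added example (not code from the original article) that puts the profile section and this privilege section together: a hardened profile for a reporting account and a role that grants it read and execute rights it cannot pass on. All object names (rpt_profile, rpt_reader, rpt_user, hr.employees, hr.get_salary_band) and the password are assumed.

```sql
-- Added example (not from the original article): one hardened profile plus a
-- least-privilege role for a reporting account. All object names (rpt_profile,
-- rpt_reader, rpt_user, hr.employees, hr.get_salary_band) are assumed.

-- Resource limits in a profile are enforced only while this parameter is TRUE;
-- the password limits below are enforced regardless of it.
ALTER SYSTEM SET resource_limit = TRUE SCOPE = BOTH;

CREATE PROFILE rpt_profile LIMIT
  -- session resource limits (the first three Profile control questions)
  cpu_per_session          600000           -- CPU per session, in 1/100 s
  connect_time             480              -- minutes a session may stay connected
  idle_time                30               -- idle minutes before disconnect
  -- password policy (the last three Profile control questions)
  failed_login_attempts    5                -- lock the account after 5 failures
  password_lock_time       1                -- days the lock lasts
  password_life_time       90               -- days until the password expires
  password_grace_time      7                -- days of warnings after expiry
  password_reuse_time      365              -- no reuse until both 365 days
  password_reuse_max       10               -- and 10 changes have passed
  password_verify_function verify_function; -- length/complexity rules; created by
                                            -- $ORACLE_HOME/rdbms/admin/utlpwdmg.sql

CREATE USER rpt_user IDENTIFIED BY "<initial-password-placeholder>"
  PROFILE rpt_profile PASSWORD EXPIRE;      -- must be changed at first login
GRANT CREATE SESSION TO rpt_user;

-- Least privilege through a role: read one table, execute one procedure.
-- Neither WITH GRANT OPTION nor WITH ADMIN OPTION is given, so rpt_user cannot
-- pass these privileges on (an attempt fails with ORA-01031: insufficient privileges).
CREATE ROLE rpt_reader;
GRANT SELECT  ON hr.employees       TO rpt_reader;
GRANT EXECUTE ON hr.get_salary_band TO rpt_reader;
GRANT rpt_reader TO rpt_user;

-- Checks a DBA runs afterwards: the effective limits, and that no privilege
-- is grantable (GRANTABLE must read NO on every row).
SELECT resource_name, limit
  FROM dba_profiles
 WHERE profile = 'RPT_PROFILE' AND limit <> 'DEFAULT';

SELECT grantee, owner, table_name, privilege, grantable
  FROM dba_tab_privs
 WHERE grantee IN ('RPT_READER', 'RPT_USER');
```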

Virtual Private Database (VPD)

Virtual Private Database (VPD), also known as fine-grained access control, provides powerful row-level security. It was introduced in Oracle8i and has gained widespread popularity.

VPD works by transparently rewriting requests for data so that each user sees only a partial view of a table, based on a set of defined criteria. At run time, a predicate is appended to every query so that only the rows the user is allowed to see are returned.

In other words, VPD settings give us row-level security control: even if a specific user has read permission on a table, he only sees the rows that his authorization permits.

Note that in Oracle 10g VPD was enhanced so that column-level security control can also be implemented.
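The following is an added example (not code from the original article) of the VPD mechanism just described: a policy function, the DBMS_RLS.ADD_POLICY call that attaches it, and the predicate Oracle appends at run time. The table app.orders, its DEPT_ID column, the application context APP_CTX and the trusted package app.ctx_pkg are assumed.

```sql
-- Added example (not from the original article): a VPD policy restricting
-- app.orders to the caller's own department. Assumed names: app.orders with a
-- DEPT_ID column; application context APP_CTX, created with
-- CREATE CONTEXT app_ctx USING app.ctx_pkg so that only that trusted package
-- can set DEPT_ID/ROLE (users cannot pick their own department).

-- 1. Policy function. Oracle calls it with (schema, object) and appends the
--    returned string as a WHERE predicate to every statement on the table.
CREATE OR REPLACE FUNCTION app.orders_dept_policy (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2
) RETURN VARCHAR2
IS
BEGIN
  -- Auditors see every row: a NULL predicate means no filtering.
  IF SYS_CONTEXT('APP_CTX', 'ROLE') = 'AUDITOR' THEN
    RETURN NULL;
  END IF;
  -- Referencing SYS_CONTEXT inside the predicate (rather than concatenating
  -- the value) keeps one shared cursor and never builds SQL from session
  -- text. If the context was never set, dept_id = NULL matches nothing:
  -- the policy fails closed.
  RETURN 'dept_id = SYS_CONTEXT(''APP_CTX'', ''DEPT_ID'')';
END;
/

-- 2. Attach it. statement_types covers DML, so rows a user cannot see cannot
--    be updated or deleted either; update_check rejects an INSERT/UPDATE that
--    would put a row outside the user's department. sec_relevant_cols (10g+)
--    applies the policy only when a listed column is referenced, which is the
--    column-level control mentioned in the text.
BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema     => 'APP',
    object_name       => 'ORDERS',
    policy_name       => 'ORDERS_BY_DEPT',
    function_schema   => 'APP',
    policy_function   => 'ORDERS_DEPT_POLICY',
    statement_types   => 'SELECT,INSERT,UPDATE,DELETE',
    update_check      => TRUE,
    sec_relevant_cols => 'AMOUNT,CUSTOMER_ID');
END;
/

-- 3. A session whose context holds DEPT_ID=20 runs this and Oracle executes
--    SELECT order_id, amount FROM app.orders
--     WHERE dept_id = SYS_CONTEXT('APP_CTX', 'DEPT_ID')
--    (SELECT order_id FROM app.orders alone references no listed column and is
--    not filtered). The predicate applied to a cursor is shown in V$VPD_POLICY.
SELECT order_id, amount FROM app.orders;
```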

For examples and construction steps, see: Implementing row-level security using VPD fine-grained access policies Step By Step

Oracle Label Security

Based on strict row-level security requirements submitted by customers, Oracle Label Security (OLS), an option for Oracle Database Enterprise Edition, leverages multi-level security concepts to address real-world data security and privacy issues encountered by government and commercial users around the world.

OLS provides complete row-level security controls by leveraging data sensitivity labels (such as "Sensitive" and "Company Confidential") and user label authorization.

OLS uses the concept of a policy to store label definitions and authorizations. Policies can be managed directly in the database or centrally in Oracle Identity Management.

Oracle Database Vault

Usually, if a database administrator has DBA authority, it is difficult to prevent that administrator from viewing application data. Oracle Database Vault addresses the biggest concern of customers who must protect sensitive business information or private data concerning partners, employees and customers.

Oracle Database Vault prevents high-privilege application DBAs from accessing other applications and performing tasks beyond their authority. Oracle Database Vault quickly and efficiently protects existing programs without impacting application functionality.

Oracle Database Vault addresses some of the most common security issues and insider threats by:

1. Restricting access to application data by DBAs and other privileged users.

2. Preventing the DBA from manipulating the database and accessing other applications. Oracle Database Vault provides powerful segregation-of-duties controls to prevent unauthorized changes to the database. For example, if a user has the CREATE USER privilege but not the proper user-management authorization, Oracle Database Vault will still prevent that user from creating new users.

3. Better control over who can access applications, when and from where, using factors such as date and time and the network location of the database client.

Oracle Database Vault is an option for the new Oracle Database 10g Enterprise Edition. Currently, Linux x86 and Solaris SPARC 64-bit versions are available for download and use.

User Access Auditing

Auditing is another important area of Oracle security, and the auditing program must also be planned carefully. There are several ways to perform auditing in Oracle:

1. SQL audit command (standard audit)

Through the AUDIT statement we can audit successful or unsuccessful read and update operations on specific objects.

Standard auditing records only a limited amount of tracking information, such as the user who issued the statement, the time and the terminal identifier.

The impact of this audit on system performance depends mainly on how busy the audited object is.

2. Auditing using object triggers (that is, DML auditing)

This type of audit is usually developed by the customer and placed on a specific database object. Because it is custom-built, it can be more efficient than standard auditing and can record whatever additional tracking information is of interest, for example the old and new values of a column changed by an update.

The impact of this audit on system performance depends mainly on how busy the object is and on how well the trigger is written.

3. Use system-level triggers for auditing (record user login and exit)

When a user logs in to or logs out of the database, customized triggers can record information such as the user name, the time of the operation and the terminal identifier.

Since such triggers fire only rarely (once per login or logout), this audit has little impact on system performance.
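The following is an added example (not code from the original article) combining method 1 and method 3 above: a standard AUDIT of one table and a system-level logon trigger that records who connected and from where, followed by a query a defender would run over the collected rows. The table hr.employees, the schema sec and its session_log table are assumed; the trigger owner needs the ADMINISTER DATABASE TRIGGER privilege.

```sql
-- Added example (not from the original article): standard auditing of one
-- table (method 1 above) plus a system-level logon trigger (method 3 above).
-- Assumed names: hr.employees and the audit table sec.session_log.

-- Method 1. Standard AUDIT needs AUDIT_TRAIL set (DB,EXTENDED also keeps the
-- SQL text) and an instance restart; records appear in DBA_AUDIT_TRAIL.
ALTER SYSTEM SET audit_trail = DB, EXTENDED SCOPE = SPFILE;
AUDIT SELECT, UPDATE, DELETE ON hr.employees BY ACCESS;  -- one row per statement
AUDIT CREATE SESSION WHENEVER NOT SUCCESSFUL;             -- failed logins only

-- Method 3. A table and a logon trigger that record who connected, from where.
CREATE TABLE sec.session_log (
  event_time   TIMESTAMP DEFAULT SYSTIMESTAMP,
  event        VARCHAR2(6),
  session_user VARCHAR2(30),
  os_user      VARCHAR2(128),
  ip_address   VARCHAR2(45),
  terminal     VARCHAR2(128),
  program      VARCHAR2(128)
);

-- If this INSERT fails, ordinary logins fail with it (SYSDBA is exempt). That
-- is deliberate, so auditing cannot be bypassed silently, but test it before
-- enabling. A BEFORE LOGOFF ON DATABASE trigger records 'LOGOFF' the same way.
CREATE OR REPLACE TRIGGER sec.trg_logon
  AFTER LOGON ON DATABASE
BEGIN
  INSERT INTO sec.session_log
    (event, session_user, os_user, ip_address, terminal, program)
  VALUES ('LOGON',
          SYS_CONTEXT('USERENV', 'SESSION_USER'),
          SYS_CONTEXT('USERENV', 'OS_USER'),
          SYS_CONTEXT('USERENV', 'IP_ADDRESS'),
          SYS_CONTEXT('USERENV', 'TERMINAL'),
          SYS_CONTEXT('USERENV', 'MODULE'));
END;
/

-- Detection: logons of a privileged account from anything other than the
-- known administration hosts (addresses are placeholders; IP_ADDRESS is NULL
-- for local connections, which are listed too so they can be reviewed).
SELECT event_time, session_user, os_user, ip_address, program
  FROM sec.session_log
 WHERE event = 'LOGON'
   AND session_user = 'SYSTEM'
   AND (ip_address IS NULL OR ip_address NOT IN ('10.0.0.10', '10.0.0.11'))
 ORDER BY event_time DESC;
```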

4. Use LogMiner for auditing (that is, DML and DDL)

The Oracle database records all update operations in the redo log, and Oracle provides the LogMiner tool to mine all operations from the redo log. Compared with the audit methods above, this is probably the method with the most complete information and the least impact on the performance of the application system.

To expand a bit here: LogMiner is a double-edged sword. Because it can be used for auditing, it can also be misused as a tool for data theft. Oracle therefore also provides several solutions for encrypting the data itself, such as DBMS_OBFUSCATION_TOOLKIT, DBMS_CRYPTO and, most recently, Transparent Data Encryption. Even for backups, Oracle has launched Secure Backup to encrypt data on tape. Note, however, that data encryption is not a replacement for access control: storing encrypted data does not add a layer of protection on the storage medium itself, it only helps protect sensitive data such as credit card numbers in the event of media theft. This article does not cover encryption further.

5. Fine-grained auditing (FGA)

Fine-grained auditing (FGA), introduced in Oracle 9i, can record the SCN and row-level changes so that old data can be reconstructed, but in 9i it applies only to SELECT statements and cannot be used for DML such as UPDATE, INSERT and DELETE. Therefore, for Oracle Database versions prior to 10g, triggers, although not an attractive option for tracking user-initiated changes at the row level, are the only reliable method.

The enhanced FGA in Oracle 10g supports not only SELECT but also DML operations. In Oracle 10g, auditing has grown from a mere "operation recorder" into a "fact recording mechanism" that captures user behavior at a very detailed level, which can eliminate the need for manual, trigger-based auditing. It also combines standard auditing with FGA tracing, which makes it easier to track database access regardless of how it was generated.

Through fine-grained auditing we can record:

A table was accessed between 9am and 6pm or on Saturdays and Sundays.

An IP address outside the company's network was used.

Specific columns were selected or updated.

A specific value of that column was used.
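The following is an added example (not code from the original article) of one FGA policy whose audit_condition and audit_column express the four conditions listed above; it audits access outside 09:00-18:00 or on weekends, from outside an assumed corporate address range, to sensitive columns, or to rows above a given value. The table fin.cards, its columns CARD_NO and CREDIT_LIMIT, the 10.x address range and the 50000 threshold are assumed.

```sql
-- Added example (not from the original article): an FGA policy covering the
-- four conditions listed above for an assumed table fin.cards (columns
-- CARD_NO and CREDIT_LIMIT). DML statement types need Oracle 10g or later.
BEGIN
  DBMS_FGA.ADD_POLICY(
    object_schema     => 'FIN',
    object_name       => 'CARDS',
    policy_name       => 'CARDS_SENSITIVE_ACCESS',
    -- Evaluated for each row touched; TRUE writes an audit record. Clauses:
    -- outside 09:00-17:59, on a weekend, from an address outside the
    -- assumed corporate 10.x range, or a row whose CREDIT_LIMIT exceeds 50000
    -- (the "specific value of the column" case).
    audit_condition   => q'[TO_CHAR(SYSDATE, 'HH24') NOT BETWEEN '09' AND '17'
                         OR TO_CHAR(SYSDATE, 'DY', 'NLS_DATE_LANGUAGE=ENGLISH')
                            IN ('SAT', 'SUN')
                         OR SYS_CONTEXT('USERENV', 'IP_ADDRESS') NOT LIKE '10.%'
                         OR credit_limit > 50000]',
    -- Fire only when one of these columns is selected or updated.
    audit_column      => 'CARD_NO,CREDIT_LIMIT',
    audit_column_opts => DBMS_FGA.ANY_COLUMNS,
    statement_types   => 'SELECT,INSERT,UPDATE,DELETE',
    audit_trail       => DBMS_FGA.DB_EXTENDED,  -- keep SQL text and bind values
    enable            => TRUE);
END;
/

-- Review: who touched card data under those conditions, and with which SQL.
SELECT timestamp, db_user, os_user, userhost, statement_type, sql_text, sql_bind
  FROM dba_fga_audit_trail
 WHERE policy_name = 'CARDS_SENSITIVE_ACCESS'
 ORDER BY timestamp DESC;
```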