Search notes:
Oracle security
Oracle provides quite a few possibilities to enhance security:
User accounts
Authentication
Encryption
Data Redaction
Orientation (?)
Database Vault
Virtual Private Database
(VPD). Oracle restricts returned records from a
select
statement
by adding a
where
condition. (See also
dbms_rls
)
Label Security
Data access monitoring (
auditing
and audit policies)
Real Application Security (which, unlike VPD, allows to declaratively formulate security policies so that no PL/SQL objects need to be maintained)
Database Security Assessment Tool (DBSAT)
DBSAT is a command-line tool that helps identify and assess security risks. The tool is able to recommend changes in order to mitigate these risks.
DBAT has three components:
Collector
Collects the raw data by executing SQL statements and OS commands
Reporter
Analyzes the collected data and produces the report with the findings.
Disoverer
DBSAT consists of SQL and
Python
scripts and can by downloaded from MOS note 2138254.1.
Data Safe
Data Safe
is a cloud service which builds on DBSAT and provides
Security assessments (can be scheduled to run periodically)
Sensitive data discovery
Data masking
See also
Oracle privileges
Advanced Security
,
Label Security
Row level security
roles
$ORACLE_HOME/rdbms/admin/dsec.bsq
Index