Skip Headers
Oracle® Database 2 Day + Security Guide
11g Release 2 (11.2)

Part Number E10575-01
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

1 Introduction to Oracle Database Security

This chapter contains:

About This Guide

Oracle Database 2 Day + Security Guide teaches you how to perform day-to-day database security tasks. Its goal is to help you understand the concepts behind Oracle Database security. You will learn how to perform common security tasks needed to secure your database. The knowledge you gain from completing the tasks in Oracle Database 2 Day + Security Guide helps you to better secure your data and to meet common regulatory compliance requirements, such as the Sarbanes-Oxley Act.

The primary administrative interface used in this guide is Oracle Enterprise Manager in Database Console mode, featuring all the self-management capabilities introduced in Oracle Database.

This section contains the following topics:

Before Using This Guide

Before using this guide:

What This Guide Is and Is Not

Oracle Database 2 Day + Security Guide is task oriented. The objective of this guide is to describe why and when you must perform security tasks.

Where appropriate, this guide describes the concepts and steps necessary to understand and complete a task. This guide is not an exhaustive discussion of all Oracle Database concepts. For this type of information, see Oracle Database Concepts.

Where appropriate, this guide describes the necessary Oracle Database administrative steps to complete security tasks. This guide does not describe basic Oracle Database administrative tasks. For this type of information, see Oracle Database 2 Day DBA. Additionally, for a complete discussion of administrative tasks, see Oracle Database Administrator's Guide.

In addition, this guide is not an exhaustive discussion of all Oracle Database security features and does not describe available APIs that provide equivalent command line functionality to the tools used in this guide. For this type of information, see Oracle Database Security Guide.

Common Database Security Tasks

As a database administrator for Oracle Database, you should be involved in the following security-related tasks:

In a small to midsize database environment, you might perform these tasks as well and all database administrator-related tasks, such as installing Oracle software, creating databases, monitoring performance, and so on. In large, enterprise environments, the job is often divided among several database administrators—each with their own specialty—such as database security or database tuning.

Tools for Securing Your Database

To achieve the goals of securing your database, you need the following products, tools, and utilities:

Securing Your Database: A Roadmap

To learn the fundmentals of securing an Oracle database, follow these steps:

  1. Secure your Oracle Database installation and configuration.

    Complete the tasks in Chapter 2, "Securing the Database Installation and Configuration" to secure access to an Oracle Database installation.

  2. Secure user accounts for your site.

    Complete the tasks in Chapter 3, "Securing Oracle Database User Accounts", which builds on Oracle Database 2 Day DBA, where you learned how to create user accounts. You learn the following:

    • How to expire, lock, and unlock user accounts

    • Guidelines to choose secure passwords

    • How to change a password

    • How to enforce password management

  3. Understand how privileges work.

    Complete the tasks in Chapter 4, "Managing User Privileges". You learn about the following:

    • How privileges work

    • Why you must be careful about granting privileges

    • How database roles work

    • How to create secure application roles

  4. Secure data as it travels across the network.

    Complete the tasks in Chapter 5, "Securing the Network" to learn how to secure client connections and to configure network encryption.

  5. Control access to data.

    Complete the tasks in Chapter 6, "Securing Data", in which you learn about the following:

    • How to use transparent data encryption to automatically encrypt database table columns and tablespaces

    • How to control data access with Oracle Virtual Private Database

    • How to enforce row-level security with Oracle Label Security

    • How to control system administrative access to sensitive data with Oracle Database Vault.

  6. Configure auditing so that you can monitor the database activities.

    Complete the tasks in Chapter 7, "Auditing Database Activity" to learn about standard auditing.