Five Thoughts on Oracle Security


The following are five different security-related posts to which I have contributed on dba.stackexchange.com. I did not necessarily provide the accepted answer for these, but felt that the questions posed were interesting enough to warrant a mention here.

1 Oracle – Is a separate database more secure than using the same database and a separate schema : a question about development and production environments being physically separated. I don’t think I’ve explicitly commented on this topic before, so I have included a couple of additional links to relevant STIG controls for shared development and production servers:

2 Oracle auditing: Is it possible to log when a permission is being used? : a question about auditing user privilege usage. I have previously commented on auditing in Auditing by the Numbers, which discusses minimal STIG requirements for privilege auditing, among others.

3 Where does data sit and where must it be encrypted : a question about encryption at rest. I have previously commented on STIG-compliant encryption for data at rest in FIPS is a Four Letter Word, and for encryption of data in motion in Top STIG – Part 4 (Encrypted Transmission and PKI).

4 Using SQL*Plus to connect to remote DB from local server, how do I export a backup to my local server? : a question about making backups to remote locations. This is another topic that I don’t think I’ve devoted much attention to in this blog yet. There are several relevant STIG controls for backups, which I have included here:

5 Quality Database Security Metrics : a question about capturing objective database metrics. I have commented on the components of a STIG review and how to complete one in Oracle 12c Database STIG Breakdown, and How To Complete a STIG Review.
