Papers

High Availability Architecture for Oracle ORDS and APEX – September 2019

This guide includes step-by-step instructions to install and configure the Apache HTTPD, Tomcat, Oracle REST Data Services, and Oracle Application Express (APEX) technology stack within a simple, highly available infrastructure. It also describes basic HTTP Header-based user authentication and authorization configuration within an APEX application built within the stack.

Configuring SSL for Oracle Client Authentication and Encryption with DoD Common Access Cards Using Microsoft Certificate Store – November 2018

This quick “how to” document highlights configuration steps and parameters to enable PKI authentication between the Oracle Database Client for Windows and an Oracle Database. It was written to detail configuration parameters for the Oracle Wallet to use the Department of Defense Common Access Card (CAC) and U.S. Federal Government PIV cards as an external Hardware Security Module (HSM) with Microsoft Certificate Store (MCS) on the Windows 10 operating system.

Real-Time Oracle 11g Log File Analysis – February 2013

The core of virtually every application that manipulates data is the database. It is vitally important, in both production and development environments, to understand at all times what the database is doing and why. There are a variety of commercial database monitoring solutions available in the market today; most rely on SQL monitoring and monitoring of the Oracle Alert Log. Few provide customizable search capabilities or allow easy correlation of events recorded in different files, within the database, from script output, from TCP feeds, or allow a DBA to correlate database events with events from other applications in the technology stack. In this paper I will describe a robust monitoring architecture that allows in-depth, real-time log file analysis and reporting of an individual Oracle database for virtually no cost.

Which Princess Are You? – November 2012

RCF Security Training Days

A look at social engineering in today’s social networking; the hazards of sharing too much and the aggregation of personal data.

Deploying an Oracle 11gR2 Connection Manager – 2nd Edition – January 2011

Deploying 11gR2 Connection Manager Proxy Presentation Slides – Dayton Area Oracle User’s Group Winter 2011

1st Edition, CSC Leading Edge Forum Papers 2010, Honorable Mention

A business or organization can only be successful if its critical data is well managed and secure. Every day the news is filled with stories of corporations, financial institutions, and governments whose data systems have been compromised. Tightly configured network architectures which limit the direction and channels through which data flows can greatly reduce the overall exposure of application databases. Unfortunately, in my experience this aspect of data system planning is often overlooked or its importance severely underestimated. Using Oracle Connection Manager to proxy server-to-server communications and reverse proxy client-server connections adds an extra layer of security to the database’s network architecture. When properly configured and used in conjunction with firewalls and other tools like Oracle’s Advanced Security Option, it allows me as a database administrator to enforce strong configuration controls on database communications and to monitor both inbound and outbound communications for any abnormalities. In this paper I will describe my basic techniques, developed over the last several years, for adding Connection Manager to the Oracle Net network and configuring it for proxy and reverse proxy operations.

Optimizing Data Access In Enterprise Reports – May 2000

Proceedings of the Brio Insight 2000 User Convention, Monteray, California

Many “database independent” products such as Brio.Portal and Brio.Report are commonly used in today’s business place. These applications are often mission critical products like help desks, information portals, or enterprise reports. They require a high level of performance and reliability for the end user or corporate customer. Unfortunately, by their very nature these applications have often ignored or overlooked database specific features that would help them to perform at peak efficiency. Typically this will result in a loss of performance as objects within the database are inappropriately stored, accessed, and maintained over time. The larger the database becomes, the greater the performance impact. This paper will demonstrate, using Brio.Portal and Brio.Report as examples, how an Oracle DBA can plan for and maintain increased system performance and reliability when dealing with applications not designed specifically for Oracle. A variety of techniques, including instance creation, tablespace configuration, index creation and relocation, memory cache optimization, and SQL tuning will be illustrated.

Monitoring Audit Trails Using Enterprise Manager – March 1999

Proceedings of the IOUG-A Live ’99 Convention, Denver, Colorado

Maintaining the security and integrity of a corporation’s sensitive data is of great importance to the database administrator, particularly in today’s intra- and inter-networked environments. This presentation introduces a technique – developed initially for the Department of Defense – which enables real time notification of audited events through the Oracle Enterprise Manager Console. Scripts and utilities will be presented that allow the DBA to gain more information from the audit trail than that provided by the basic DBA views, and to use that information to identify more rapidly and accurately any unauthorized activity or system intruders. Use of these tools in Oracle7 or Oracle8 databases to consolidate security monitoring in a distributed environment will be illustrated.

Enhancing Database Security: Concepts and Tools for the DBA – March 1999

Proceedings of the IOUG-A Live ’99 Convention, Denver, Colorado

A collection of database hardening scripts and techniques.

Using the Internet to Manage Data Standardization – August 1995

Proceedings of the DoD Database ’95 Convention, San Diego, California

One of the biggest problems that any major corporation faces is controlling the proliferation and duplication of data systems and the data they share. To control this problem, a corporate data dictionary as well as data standardization procedures should be established. An organization, such as DoD, can implement a data dictionary system that controls both data and management of that data. This data dictionary system and data standardization principles can be of immediate benefit not only to corporate management but to the functional users as well.