Oracle Database 10g provides a secure and scalable foundation for Oracle Identity Management. Oracle Internet Directory (OID) is implemented as an application running on Oracle Database 10g, which allows OID to support several terabytes of directory information on a single server or on each node in a grid. Oracle Database 10g protects raw data with powerful features such as Virtual Private Database. Important database security features include:
◆Enterprise user security
The Enterprise User Security feature of Oracle Database 10g covers enterprise privilege administration and shared schemas, which allow individual users to access data. It also supports centralized user management in Oracle Internet Directory. User privileges (expressed as roles) and object constraints (expressed as access control lists) can be stored in OID.
◆Virtual Private Database
Virtual Private Database (VPD) allows developers to attach security policies to application tables, views, or synonyms. A security policy can use a secure application context to determine how it is applied. Oracle Database 10g also introduces column-level enforcement of security policies in Virtual Private Database, along with optional column masking.
◆Oracle Label Security
Oracle Database 10g allows you to create Oracle Label Security policies in the Oracle Identity Management infrastructure. By using Oracle Internet Directory, administrators can create Oracle Label Security policies in a centralized location, which simplifies security provisioning and management across all databases in the enterprise or grid. You can manage the organization's sensitivity labels and application users' security clearances in one location.
◆Fine-grained Audit
An important aspect of any effective security policy is maintaining records of system activity so that users are held accountable for their own actions. Building on the powerful and comprehensive audit functions of Oracle databases, Oracle adds fine-grained auditing. If a user misuses data access privileges, this function can serve as the organization's warning system, or as a system for detecting database intrusion.
◆Proxy Authentication
Oracle Database 10g supports proxy authentication. It allows an SSL credential (an X.509 certificate or a distinguished name, DN) to be passed to the database to identify (rather than authenticate) users, thus providing three-tier security. The database uses the DN or certificate to look up the user in Oracle Internet Directory or another LDAP-based directory. Integrating proxy authentication with Oracle Enterprise User Security also enables user identities to be maintained through all tiers of an application, and a user needs to be created only once, in the directory.
Oracle Advanced Security: Oracle Advanced Security builds on the existing enterprise security framework to provide strong authentication solutions, including Kerberos, public key cryptography, RADIUS, and the Distributed Computing Environment (DCE), for Oracle Database 10g. One of the new functions in this version is checking X.509v3 certificate revocation status against Certificate Revocation Lists stored in the file system, in Oracle Internet Directory, or at CRL Distribution Points.
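To make the Virtual Private Database item above concrete, here is an added example (not from the original article) of a column-level policy with column masking, using the DBMS_RLS package. The schema APP_OWNER, the table STAFF, the application context APP_CTX and the policy names are assumptions made up for illustration.

```sql
-- Constructed objects (assumptions): table APP_OWNER.STAFF(emp_id, dept_id,
-- name, salary) and an application context APP_CTX whose DEPT_ID attribute
-- is set at session start by a trusted package.

-- Policy function: returns the predicate the database attaches to queries.
CREATE OR REPLACE FUNCTION app_owner.staff_dept_policy (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2
) RETURN VARCHAR2
AS
BEGIN
  -- If DEPT_ID is not set in the context, SYS_CONTEXT returns NULL and the
  -- comparison is true for no row, so the policy fails closed.
  RETURN 'dept_id = TO_NUMBER(SYS_CONTEXT(''APP_CTX'', ''DEPT_ID''))';
END;
/

BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema         => 'APP_OWNER',
    object_name           => 'STAFF',
    policy_name           => 'STAFF_SALARY_MASK',
    function_schema       => 'APP_OWNER',
    policy_function       => 'STAFF_DEPT_POLICY',
    statement_types       => 'SELECT',
    -- Column-level VPD: the policy applies only when SALARY is referenced.
    sec_relevant_cols     => 'SALARY',
    -- Column masking: every row is returned, but SALARY is NULL in rows
    -- that do not satisfy the predicate. Omit this parameter to filter
    -- those rows out instead.
    sec_relevant_cols_opt => DBMS_RLS.ALL_ROWS
  );
END;
/

-- Check that the policy is registered with the intended column option.
SELECT policy_name, sec_rel_column, column_option
FROM   dba_sec_relevant_cols
WHERE  object_owner = 'APP_OWNER'
AND    object_name  = 'STAFF';

-- Accounts that bypass VPD entirely and therefore see unmasked data.
SELECT grantee FROM dba_sys_privs WHERE privilege = 'EXEMPT ACCESS POLICY';
```

Queries that do not reference SALARY are unaffected by this policy, so row-level restrictions on the other columns need a separate policy.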
Author Profile
Michael Miley (Mmiley@pacbell.net) is a freelance writer who lives in Sonoma, California.