Oracle security experts have written a new book for database administrators and security professionals who want to learn how to secure Oracle Databases. Written by Oracle's Paul Needham and Scott Rotondo, along with Independent Oracle Users Group President Michelle Malcher, Securing Oracle Database 12c: A Technical Primer is available as a free download.
"In order to make a database secure, you first have to understand how it can be attacked. Keeping in mind all of the threats and all of the methods to counter them can get pretty complex," says Scott Rotondo, consulting member of technical staff at Oracle. "What we set out to do in this book is to provide a brief but comprehensive overview that explains the appropriate techniques to address the major threats. We also give some practical advice about relatively easy ways to secure a database system."
Each chapter provides practical insight into Oracle Database capabilities.
- Controlling Data Access and Restricting Privileged Users
describes the fundamental notions of authenticating users and controlling the
data that they can access. It covers best practices for determining the access
that each user requires and limiting the powers of highly privileged
- Preventing Direct Access to Data explains the use of
encryption to prevent attacks that attempt to gain access to data directly,
bypassing access controls.
- Advanced Access Control covers more sophisticated access
control mechanisms that allow for more precise control. These mechanisms include
Oracle Virtual Private Database, Oracle Label Security, and real application
- Auditing Database Activity describes the techniques for
maintaining an effective audit trail, which is a vital defense-in-depth
technique to detect misuse by privileged users and unexpected violations of
- Controlling SQL Input explains the use of a specialized
database firewall to monitor the SQL statements going to the database. This
helps protect the database against SQL injection attacks launched by web
- Masking Sensitive Data covers the use of data masking to
remove sensitive information from data that is used for test or development
purposes. It also describes the use of data redaction to dynamically mask the
results of queries on production databases.
- Validating Configuration Compliance describes the need to evaluate the database configuration against accepted standards, and the tools available for performing the evaluation to ensure continued compliance.
Download your free copy of Securing Oracle Database 12c: A Technical Primer.