Oracle Database 11G Security Options – Key Points

         

 Summary On Oracle Database Security Options 

1.   Audit Vault alerts can be define for the following events

·         Granting of DBA privileges.

·         Table drops.

·         Failed logins.

·         Direct views of sensitive data.

2.   Database Vault rules can be based on

·         time of day,

·         ip address,

·         language,

3.  Audit Vault agents can audit

·         Oracle databases

·         SQL databases

·         DB2  databases

·         Sybase databases.

4.  Database Vault command rules are not based on Database Vault rules, but on Database Vault rule sets.

5. Only 29% of customers  encrypt Personally Identifiable Information (PII) in their database

6. You can define your own Audit Vault reports

7.  Data Masking is used when sharing data outside of your production environment

8. Database Vault can be used to enforce separation of duties.

9. You can encrypt  data at the column or tablespace level

10. PCI, SOX and HIPAA are regulations that can lead to greater security requirements.

11. Advanced Security Option is used to implement strong authentication.

12.  Increased compliance regulations can lead to additional security requirements

13. Separation of duties is denying administrators access to data values

14. Database Vault and Advanced Security Option can be used to enforce separation of duties.

15. A Database Vault realm can prevent access to a table

16. Label Security is used to implement security based on data values in individual rows

17.  Label Security allows the finest-grained access control

18. data masking maintains relationships defined by foreign keys automatically

19. sensitive data should be encrypted when at rest in the database and in transit and when backed up.

20.  Audit Vault supports redo, database and operating system based auditing for the Oracle database.

21. A Database Vault rule set can control access to both commands and realms

22. Audit Vault provides consolidated reporting across multiple databases and active alerts of security  violations.

23. Label Security is used to implement security based on data values in individual rows

24. You can define your own Audit Vault alerts.

25. Database Vault and Audit Vault can produce reports on security violations

26. Payment Card Industry security standards can affect companies worldwide

27. Advanced Security Option uses a two-tier architecture for key management.

28. Rule sets in Database Vault control access to realms and commands