Data Confidentiality Oracle Security Do Tri Tuc


1 Data Confidentiality Oracle Security Do Tri Tuc
Information System Security Management

2 Outline
- Oracle Security Introduction
- Data Confidentiality
- Summary
- Bibliography
- Q&A

3 Oracle Security
A. Basic Database Security
- Apply the principle of least privilege to the database
- Lock and expire default user accounts
- Change default user passwords
- Create strong passwords
- Enforce password management
- Protect the data dictionary (set the parameter O7_DICTIONARY_ACCESSIBILITY = FALSE to prevent users who have ANY system privileges from accessing data dictionary base tables)

1. Net Service
Oracle Net Services provides enterprise-wide connectivity solutions in distributed, heterogeneous computing environments. Oracle Net Services eases the complexities of network configuration and management, maximizes performance, and improves network diagnostic capabilities.
Firewall:
- Restrict network IP addresses
- Deny / allow access from IP addresses
- Set the parameters in sqlnet.ora
Network Traffic Encryption:
- Encrypts network connections
- Encrypts data transmitted over the network
- Prevents decrypting data over the network
- Provides several encryption methods
Listener Security:
- Restrict node registration
- Move the listener to a non-default port (the default is 1521)
- Use TCP/IP with SSL (TCPS) when administering over a nonsecure network
- Monitor listener activity

2. Authentication
- Basic: authentication by the database or the OS
- Strong: using strong methods such as certificates, smart cards, and Kerberos
- Proxy users: authenticated through a middle-tier server

3. Data Access Control
Privileges and Roles:
- Privileges include system privileges and object privileges
- A role is a collection of privileges (system and object)
RMAN Virtual Private Catalog:
- The RMAN catalog is a schema created in a separate database from your target databases (i.e. the databases that you back up) using the CREATE CATALOG command. The schema essentially comprises the same information about the database backups that is stored in the database control files of the target databases.
- RMAN VPC can grant restricted access to the RMAN catalog to some users so that they can only access a limited set of the databases that are registered in the RMAN catalog.
Privilege Analysis: analyze used privileges in order to revoke unnecessary privileges.
Virtual Private Database:
- Uses Fine-Grained Access Control to limit row and column access, and an application context to provide the information.
- Allows data access to be controlled at row and column level by adding a dynamic WHERE clause to a SQL statement. VPD always redacts the data to a NULL value; when the application does not support that, use Data Redaction instead. Virtual Private Database is a free option of Enterprise Edition.
Oracle Label Security:
- Oracle Label Security (OLS) is an extension of the Virtual Private Database (VPD) technology introduced in Oracle 8i. OLS allows access control down to individual rows based on attached labels. Similar functionality can be reproduced using Fine-Grained Access Control (FGAC), but OLS provides an out-of-the-box solution to row-level security.
- Lets you add user-defined labels to rows (for example: ‘sensitive’, ‘private’) and use Virtual Private Database to control access based on labels.
Frequently Asked Questions on Oracle Label Security

4. Data Confidentiality
TSDP - Transparent Sensitive Data Protection: Transparent sensitive data protection enables you to find all table columns in a database that hold sensitive data. You can create policies that protect this data. You can use transparent sensitive data protection with Oracle Data Redaction, Oracle Virtual Private Database, unified auditing, fine-grained auditing, and Transparent Data Encryption column encryption.
DBMS_CRYPTO: contains basic cryptographic functions and procedures; provides an interface to encrypt and decrypt stored data, and can be used in conjunction with PL/SQL programs running network communications. It provides support for several industry-standard encryption and hashing algorithms, including the Advanced Encryption Standard (AES) encryption algorithm.

5. Auditing
- Auditing is the ability to track changes that users make in the database.
- Auditing is the monitoring and recording of configured database actions, from both database users and nondatabase users. You can base auditing on individual actions, such as the type of SQL statement executed, or on combinations of data that can include the user name, application, time, and so on. "Nondatabase users" refers to application users who are recognized in the database using the CLIENT_IDENTIFIER attribute. To audit this type of user, you can use a unified audit policy condition, a fine-grained audit policy, or Oracle Database Real Application Security.
Unified Auditing: audits operations of all RDBMS and other components such as RMAN and Oracle Data Pump, consolidating all audit trails into a single unified audit trail table. New feature of Oracle Database 12c.
Fine-Grained Audit: fine-grained auditing extends Oracle standard auditing capabilities by allowing the user to audit actions based on user-defined predicates.

4 Data Redaction
Oracle Data Redaction enables you to mask (redact) data that is returned from queries issued by applications.
- Previously, this functionality was implemented in the application layer. Oracle has now moved it to the database layer.
- Oracle Data Redaction is a transparent, flexible, and simple solution. It modifies sensitive data columns contained in SQL query results on the fly, right before the results are returned to applications. The columns are redacted according to flexible policies that provide conditional redaction. The policies are managed directly within the database.
- Oracle Data Redaction is designed to be fast so that it can be used on production systems.
- Oracle Data Redaction is useful for many different scenarios. It can be applied to a range of packaged and custom applications to redact application screens, dashboards, and reports. It helps you avoid making code changes in existing call center, human resources, sales, and financial and healthcare applications. These applications frequently manage payment card (PCI), protected health (PHI), or personally identifiable (PII) information that is subject to regulation. Oracle Data Redaction is also useful for decision support systems that aggregate large and diverse sets of data in a single repository for running analytics.
- When an application issues a query, data is retrieved from the database and then the redaction policy is applied. Redaction takes place immediately preceding the return of selected data, and only at the top level of the SELECT list.

5 Data Redaction (.cont) Types of Redaction
Types of Oracle Data Redaction
- Full: A full data redaction policy redacts all the contents of a data column.
- Partial: In partial data redaction, only a portion of the data, such as the first five digits of an identification number, is redacted.
- Regular Expression Redaction: Regular expression-based redaction enables you to search for patterns of data to redact. For example, you can use regular expressions to redact addresses, which can have varying character lengths. It is designed for use with character data only. You can use formats for the search and replace operation, or you can create custom pattern formats.
- Random Redaction: A random redaction policy presents redacted data as randomly generated values, such as Ukjsl32[[]]]s.

6 Data Redaction (.cont) Implementation Defining a Redaction Policy
What to redact, as specified by:
– Schema name (OBJECT_SCHEMA)
– Object name (OBJECT_NAME)
– Column name (COLUMN_NAME)
When to redact, as specified in a policy expression (EXPRESSION)
How to redact, as specified by:
– Function type (FUNCTION_TYPE)
– Function parameters (FUNCTION_PARAMETERS) or regular expression parameters (REGEXP_*)
Adding a Redaction Policy to a Table or View

7 Data Redaction (.cont) Example:
Defining a redaction policy for the COMMISSION_PCT column in the HR.EMPLOYEES table:
SQL> exec DBMS_REDACT.ADD_POLICY ( policy_name => 'EMPSAL_POLICY', -
       object_schema => 'HR', -
       object_name => 'EMPLOYEES', -
       column_name => 'COMMISSION_PCT', -
       expression => 'SYS_CONTEXT(''USERENV'',''CLIENT_IDENTIFIER'')!=''HR''', -
       function_type => DBMS_REDACT.FULL)
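The policy above uses full redaction only. As an added example (not from the original slides), the block below adds partial and regular-expression redaction to the same EMPSAL_POLICY and then lists what is configured and who is exempt; the SALARY and PHONE_NUMBER columns of the HR sample schema and the chosen formats are assumptions.

```sql
-- Added example, not from the original slides.
-- Assumes EMPSAL_POLICY already exists on HR.EMPLOYEES (created as shown above)
-- and that the caller has EXECUTE on DBMS_REDACT.
BEGIN
  -- Partial redaction of a NUMBER column: overwrite digits 1 to 2 with 9.
  DBMS_REDACT.ALTER_POLICY(
    object_schema       => 'HR',
    object_name         => 'EMPLOYEES',
    policy_name         => 'EMPSAL_POLICY',
    action              => DBMS_REDACT.ADD_COLUMN,
    column_name         => 'SALARY',
    function_type       => DBMS_REDACT.PARTIAL,
    function_parameters => '9,1,2');

  -- Regular expression redaction of a character column: keep only the last
  -- four digits. Test the pattern against every value format stored in the
  -- column before relying on it.
  DBMS_REDACT.ALTER_POLICY(
    object_schema         => 'HR',
    object_name           => 'EMPLOYEES',
    policy_name           => 'EMPSAL_POLICY',
    action                => DBMS_REDACT.ADD_COLUMN,
    column_name           => 'PHONE_NUMBER',
    function_type         => DBMS_REDACT.REGEXP,
    regexp_pattern        => '^.*(\d{4})$',
    regexp_replace_string => 'XXX.XXX.\1',
    regexp_position       => DBMS_REDACT.RE_BEGINNING,
    regexp_occurrence     => DBMS_REDACT.RE_ALL);
END;
/

-- Review: which policies exist, and under which expression they apply.
SELECT object_owner, object_name, policy_name, expression, enable
  FROM redaction_policies
 WHERE object_owner = 'HR';

-- Review: which columns are redacted, and how.
SELECT column_name, function_type, function_parameters, regexp_pattern
  FROM redaction_columns
 WHERE object_owner = 'HR' AND object_name = 'EMPLOYEES';

-- Review: grantees that always see unredacted data.
SELECT grantee
  FROM dba_sys_privs
 WHERE privilege = 'EXEMPT REDACTION POLICY';
```

CLIENT_IDENTIFIER is set by the session itself (DBMS_SESSION.SET_IDENTIFIER), so the policy expression is only as trustworthy as the application code that sets it.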

8 Data Masking
When data is copied from a production database to a non-production database for testing, sensitive information must be replaced. The non-production database is used by internal users such as application developers, or by external business partners such as offshore testing companies, suppliers and customers.
Example: sub-company of DAB - DTSC - developing programs for banking. They need data for testing ...
So, what is data masking? A process that replaces sensitive information with realistic data based on masking rules.
Why use data masking? It provides the ability to share data with non-production users such as testing companies.
- This contrasts with encryption, Virtual Private Database or Data Redaction, which simply hide data, so the original data can be retrieved with the appropriate access or key. With data masking, the original sensitive data cannot be retrieved or accessed.
- Names, addresses, phone numbers, and credit card details are examples of data that require protection of the information content from inappropriate visibility.

9 Data Masking (.cont)
The security administrator performs the following tasks:
1. Review the application database and identify sensitive data.
2. Define mask formats for sensitive data.
3. Create a masking definition to associate table columns with the defined mask formats.
The database administrator performs the following tasks:
4. Clone the production database to a staging database.
5. Create a masking definition if this task is not performed by the application database administrator or security administrator, and review the mask definition.
6. Execute the masking job in the staging database.
7. Verify that the masked data meets the information security requirements.
8. Refine the masking definition as necessary. If the masking definition is changed, the database administrator performs the following tasks:
   i. Restore the altered tables.
   ii. Reapply the masking definition until the optimal masking definitions are identified.
9. Export the masking definition for future use.
10. Clone the staging database to a test database.

10 Data Masking (.cont) Process
Steps in the masking process:
1. Build a mapping table for each column to be masked. The mapping table contains (original_value, mask_value).
2. Drop constraints and revoke grants.
3. Rename the table.
4. Create a new table using mapping tables joined to the original table.
5. Create indexes on the new table.
6. Gather statistics.
7. Replace constraints and grants.
8. Drop indexes on the original table and drop the original table with the purge option.
9. Drop mapping tables.
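The nine steps above, carried out by hand on a small constructed table, as an added example (not from the original slides, and not the code that Oracle's masking tooling generates). The CUSTOMERS table, the QA_READER role and the mask format are assumptions.

```sql
-- Added example (not from the original slides): constructed table and data.
-- QA_READER is a hypothetical role that must already exist.
CREATE TABLE customers (
  id      NUMBER CONSTRAINT customers_pk PRIMARY KEY,
  card_no VARCHAR2(19));
INSERT INTO customers VALUES (1, '4111111111111111');
INSERT INTO customers VALUES (2, '5500005555555559');
INSERT INTO customers VALUES (3, '4111111111111111');  -- repeated value
COMMIT;
GRANT SELECT ON customers TO qa_reader;

-- 1. Mapping table (original_value, mask_value): one row per distinct
--    original, so equal originals receive equal masks.
CREATE TABLE card_map AS
  SELECT card_no AS original_value,
         '9999' || LPAD(ROW_NUMBER() OVER (ORDER BY DBMS_RANDOM.VALUE), 12, '0')
           AS mask_value
    FROM (SELECT DISTINCT card_no FROM customers WHERE card_no IS NOT NULL);

-- 2. Drop constraints and revoke grants.
ALTER TABLE customers DROP CONSTRAINT customers_pk;
REVOKE SELECT ON customers FROM qa_reader;

-- 3. Rename the table.
ALTER TABLE customers RENAME TO customers_orig;

-- 4. New table from the original joined to the mapping table
--    (LEFT JOIN keeps rows whose card_no is NULL; CAST keeps the column type).
CREATE TABLE customers AS
  SELECT o.id, CAST(m.mask_value AS VARCHAR2(19)) AS card_no
    FROM customers_orig o
    LEFT JOIN card_map m ON m.original_value = o.card_no;

-- 5. Create indexes on the new table.
CREATE UNIQUE INDEX customers_pk ON customers (id);
-- 6. Gather statistics (SQL*Plus EXEC).
EXEC DBMS_STATS.GATHER_TABLE_STATS(USER, 'CUSTOMERS')
-- 7. Replace constraints and grants.
ALTER TABLE customers ADD CONSTRAINT customers_pk PRIMARY KEY (id)
  USING INDEX customers_pk;
GRANT SELECT ON customers TO qa_reader;
-- 8. Drop the original table; PURGE keeps it out of the recycle bin.
DROP TABLE customers_orig PURGE;
-- 9. Drop the mapping table, which still links originals to masks.
DROP TABLE card_map PURGE;

-- Verify that no original value survived in the masked table.
SELECT id, card_no FROM customers
 WHERE card_no IN ('4111111111111111', '5500005555555559');
```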

11 TDE Transparent Data Encryption
Encrypts data in:
- Data files (tablespaces, columns, indexes)
- Redo log and archive log files
- Memory (only for column encryption)
- File backups
Transparent Data Encryption (TDE) enables you to encrypt sensitive data, such as Personally Identifiable Information (PII), that you store in tables and tablespaces. After the data is encrypted, this data is transparently decrypted for authorized users or applications when they access this data. TDE helps protect data stored on media (also called data at rest) in the event that the storage media or data file is stolen.

12 TDE Transparent Data Encryption (.cont)
Using TDE
- TDE enables encryption for sensitive data in columns without requiring users or applications to manage the encryption key.
- Transparent Data Encryption (TDE) can use an HSM to provide enhanced security for sensitive data. An HSM is used to store the master encryption key used for TDE. A Hardware Security Module (HSM) is a physical device that provides secure storage for encryption keys. It also provides secure computational space (memory) to perform encryption and decryption operations. HSM is a more secure alternative to the software keystore.

13 TDE Transparent Data Encryption (.cont)
Keystore Location
- Keystore location: declare the path in sqlnet.ora
- TDE creates a key for each table that uses encrypted columns and for each encrypted tablespace

14 TDE Transparent Data Encryption (.cont)
Creating & Opening

15 TDE Transparent Data Encryption (.cont)
Encryption Algorithms
Column Encryption:
- AES256
- AES192 (default)
- 3DES168
Tablespace Encryption:
- AES128 (default)

16 TDE Transparent Data Encryption (.cont)
Examples
Column Encryption
SQL> create table cust_info_salt (name varchar2(11), order_number number(13), credit_card_number varchar2(20) encrypt);
Tablespace Encryption
SQL> create tablespace encrypt_ts datafile '$ORACLE_HOME/dbs/encrypt_dat' size 100m encryption using '3des168' default storage (encrypt);
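Keystore setup (the sqlnet.ora location and the create/open steps named on the earlier slides) followed by checks that the two encryption examples above took effect, as an added example that is not from the original slides. It uses Oracle Database 12c syntax on a non-CDB database; the keystore directory and password are placeholders.

```sql
-- Added example, not from the original slides. Oracle Database 12c, non-CDB.
-- /u01/app/oracle/keystore and "keystore_password" are placeholders.
--
-- sqlnet.ora entry that declares the keystore location:
--   ENCRYPTION_WALLET_LOCATION =
--     (SOURCE = (METHOD = FILE)
--       (METHOD_DATA = (DIRECTORY = /u01/app/oracle/keystore)))

-- Run as a user with the SYSKM or ADMINISTER KEY MANAGEMENT privilege.
ADMINISTER KEY MANAGEMENT CREATE KEYSTORE '/u01/app/oracle/keystore'
  IDENTIFIED BY "keystore_password";

ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN
  IDENTIFIED BY "keystore_password";

-- Create the master encryption key; WITH BACKUP copies the keystore first.
ADMINISTER KEY MANAGEMENT SET KEY
  IDENTIFIED BY "keystore_password" WITH BACKUP;

-- The keystore must be open before encrypted objects can be created or read.
SELECT wrl_type, wrl_parameter, status
  FROM v$encryption_wallet;

-- After running the column encryption example: confirm the column is listed,
-- with its algorithm and salt setting.
SELECT owner, table_name, column_name, encryption_alg, salt
  FROM dba_encrypted_columns
 WHERE table_name = 'CUST_INFO_SALT';

-- After running the tablespace encryption example: confirm the tablespace
-- is encrypted and with which algorithm.
SELECT t.name AS tablespace_name, e.encryptionalg, e.encryptedts
  FROM v$tablespace t
  JOIN v$encrypted_tablespaces e ON e.ts# = t.ts#
 WHERE t.name = 'ENCRYPT_TS';
```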

17 DB Storage Security
- Recovery Manager (RMAN) – encrypted backups
- Oracle Secure Backup
- Data Pump Export encryption

18 DB Storage Security (.cont)
RMAN – Encrypted Backups
Recovery Manager (RMAN) is an Oracle Database client that performs backup and recovery tasks on your databases and automates administration of your backup strategies. It greatly simplifies backing up, restoring, and recovering database files. The data is encrypted by RMAN before it is transmitted to the disk or tape storage device, and no further encryption is performed.

19 DB Storage Security (.cont)
Oracle Secure Backup Encryption
OSB includes the secure communications technology of Oracle Advanced Security in the Enterprise Edition to provide secure communication between hosts (administrative, source, and target) in the OSB domain. OSB encrypts the transmitted data and control messages with a default key of 1,024 bits generated for each session using secure sockets layer (SSL). OSB provides this key from an embedded wallet that is separate from the keystore used by RMAN to encrypt backups.

20 DB Storage Security (.cont)
Data Pump Encryption
Oracle Data Pump technology enables very high-speed movement of data and metadata from one database to another. Oracle Data Pump is available only on Oracle Database 10g release 1 (10.1) and later.
- ENCRYPTION: ENCRYPTED_COLUMNS_ONLY, DATA_ONLY, METADATA_ONLY, ALL, NONE (default)
- ENCRYPTION_PASSWORD: set password for dump files (ENCRYPTION_MODE = PASSWORD)
- ENCRYPTION_MODE: TRANSPARENT, PASSWORD, DUAL

21 Summary
Oracle Data Confidentiality
- Data Redaction
- Data Masking
- Transparent Data Encryption
- Database Storage Security

22 Bibliography
- D81599GC10 - Oracle Database 12c - Security - v1.0, Jun 2014
- D50323GC20 - Oracle Database 11g - Security - v2.0, Apr 2010
- Protecting Oracle Database 12c – Part 3, Chapter 8 – Paul M. Wright & Arup Nanda
- Oracle Database Security 12c Release 1 (12.1)

23 Q & A

