Security :: Moving Application Security To Oracle From Sybase
Aug 18, 2010
In Sybase, my application was using system tables to perform application login security. Those tables obviously don't exist in Oracle. I am looking for ways to provide the following functionality in an Oracle world:
1. How to determine 'x' days of inactivity based on "last login date"?
2. How to determine when a new user logs in for the first time and force them to change their password?
3. If we need to reset a users password, how can we require the user to change their password?
4. Is there any other option other than storing a user-id/password in the application code for locking a user's account if their account needs to be locked due to inactivity?
5. In the USER_USERS view there is a status column. What the different status's can be?
View 3 Replies
ADVERTISEMENT
Dec 13, 2011
One of our auditing recommendation is to move table AUD$ to a separate tablespace from system. Why this recommendation is important and how to do this action ?
View 2 Replies
View Related
Dec 26, 2012
Any documentation supporting Oracle 11G and Advanced Security stating encryption at rest is FIPS 140-2 compliant?
View 3 Replies
View Related
Nov 16, 2010
Lost Windows password? Forgot Windows password? Your PC was hacked? Therefore, it is a basic step for every Windows users to enhance the security of Windows password. In the networks, it is found that a number of user's passwords are easy to guess. Only the smallest groups are the most security conscious and select passwords that are mixed lowercase and uppercase letters, numbers and punctuation to create cryptic passwords. Adopting strong password is one of the most effective ways to ensure system security. Here are several methods for you to enhance the security of your passwords in Windows 7/2000/XP/Vista and so on. You'd better remember the methods below unless you want to reset Windows password from time to time.
1. Is random password a great password?
A common myth is that totally random passwords like Ht3&e#L%5d@$B are the best passwords. This is not true. While they may be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are strong but much easier to remember by using a few simple techniques. For example, consider the password "Luck-73@Better?". This password utilizes uppercase and lowercase letters, two numbers, and three symbols. The password is 15 characters long and can be memorized with very little effort. Moreover, this password can be typed very fast. The portion"Luck" and "Better" alternate between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you.
2. Create the long Windows password
Although a password may eventually be discovered through some means, it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it. That is essentially the same as being unbreakable (at least for most hackers).
3. Create the Windows password constantly?
This may be good advice for some high-risk passwords, but it is not the best policy for every user. It is frustrating for a user to have to constantly think of and remember new passwords every 30 days. It may be better to focus on stronger passwords and better user awareness rather than limiting password age. A more realistic time for the common user may be 90-120 days.
4. Write down Windows password in a proper place
Sometimes it is necessary for some users losing and forgetting complex passwords easily to write down them somewhere proper. However, it is important to educate users on how to write down passwords properly. Obviously, a sticky note on the monitor is not a good idea, but storing passwords in a safe or even a locked cabinet may be sufficient.
5. 14 characters is the optimal password length
Each character that you add to your password increases the protection. Your passwords should be 8 or more characters in length; 14 characters or longer is the Optimal Password Length. Many systems also support use of the space bar in passwords, so you can create a phrase made of many words. It is not easier to forget and lose, as well as longer than a simple password, and harder to guess.
6. Try not to use the same Windows password for all accounts
Some users always make the same passwords for every account to make it easy to remember. In that case, when any one of them lost, your other information protected by that password will be in danger as well. It is serious to use different passwords for different systems and accounts.
7. Do not use some common words that other users maybe guess
Most of users prefer to use some common words to remember easily, for example, login name, birth date, driver's license, passport number, pets' name and other words contained their personal information someone knows. In that case, your Windows system will not be safe anymore. Moreover, do remember not to use some words spelled backwards, abbreviations, sequences or repeated characters and adjacent letters, such as, asdfgh, 123456, 888888, abcdef and so on.
You can smoothly use your Windows now because the strong and powerful Windows password is created successfully, Certainly, I believe that many users lost Windows password and forgot Windows password, then you need have to reset Windows password or recover Windows password. It is a big problem for plenty of Windows users that how to reset Windows password. how to recover Windows password and they are puzzled by resetting windows password, for instance, reset Windows 7 password, recover password Windows XP, remove Windows Vista password and other operating systems after they create the password with complex letters, numbers and symbols. However, it is unnecessary to worry and it is said that things will eventually sort themselves out. There are many ways to reset forgotten Windows password, including use windows password reset disk and windows password reset software, like Super Windows Password Reset, a professional windows password reset software which could enable you to logon to Windows smoothly without reinstalling system.
View 1 Replies
View Related
Jul 27, 2010
Provide me the script which would track all the users security violations like ... say for example i want to find which users logged in and what he did in database prospective.
View 1 Replies
View Related
Nov 29, 2012
how can we mask value of some columns in table? For example: user A is supervisor, he can query salary column in employee table, but for user B, he is staff member, he can query salary column but system just shows ***** or something like that for salary value.
View 6 Replies
View Related
Feb 6, 2013
understanding where to store the static SQL code (Database or Application).Consider a scenario, that I am executing a simple SQL from Java which is returning some value, and it will not be changed in future.
should I store this sql in java application code or in database in form of procedure/function and returning the result to Java. Is there any security/performance impact?
View 3 Replies
View Related
Apr 24, 2013
i have IR report page and download column as blob,how can security applied in specific column wise?e.g. Report page have more rows, and applied query in condition.
Select ID,dbms_lob.getlength(Blob_file) Download from Document_master
where Created_by=UPPER(:APP_USER)
OR
(exists (select '' from apex_workspace_group_users awgu
where awgu.user_name =:app_user AND awgu.GROUP_NAME='EMPLOYEE_GROUP'
)
)
Now all the rows with Download column to see EMPLOYEE_GROUP users,but i need control the download column only except Created_by=UPPER(:APP_USER) ,this case how can do the security.
View 5 Replies
View Related
Nov 8, 2012
why the apex listener tries to return on port 7777 and is there any way we can change it?
In our infrastructure we block that port for security reasons. We are using OC4J (10.1.3.5.0).
View 3 Replies
View Related
Jul 18, 2012
we have a oracle database version 11.2.0.1. now we have installed database gateways 11g in sql server machine and created db link in oracle and working fine
Now my question is:
Windows 2003 server having sql server and 11g Gateways installed
But oracle database is 10g............if i create link in Oracle it will work? because 11gR2 gateway will synch with Oracle 10g database.
View 0 Replies
View Related
Dec 8, 2011
How to enable auditing in oracle ?
View 2 Replies
View Related
Oct 10, 2011
While searching for password encryption I came across these statements.
1.Password Encryption While Connecting. This protection is always in force, by default. Passwords are always automatically and transparently encrypted during network (client/server and server/server) connections, using a modified DES (Data Encryption Standard) or 3DES algorithm, before sending them across the network.
Confirm whether by default oracle encrypts the password before sending it to the database across the network even when the clear text password is used for connecting from a jdbc client.
View 1 Replies
View Related
Oct 25, 2011
there is urge to limit account usability in oracle.
let's say i have request to create user HR1, and additional information is that this account should be available for using till 31-dec-2011. is there possibility to set this validity during creation?
View 1 Replies
View Related
Aug 23, 2010
I Am unable to login in SIM 12.0.
I did nothing in server.
Should i do anything in LDAP..?
SIM user name and password is stored in LDAP. Its also running...
View 5 Replies
View Related
Oct 3, 2013
we need to implement REDACT features in oracle 11g. how to configure into it?
Below are my securities available in oracle 11g.
SQL> select parameter, value from v$option where upper(parameter) like '%SECURITY';
PARAMETER VALUE
---------------------------------------- ----------------------------------------
Enterprise User Security TRUE
Oracle Label Security TRUE
View 4 Replies
View Related
Jul 21, 2010
Is there any setting on oracle that allows to disconnect users automatically and display a message to users such: "Try a new connection to the db in 30 minutes"?
View 7 Replies
View Related
May 28, 2011
Let us say I want to audit data updates, deletes on existing table EMP_TAB that has a few hundred thousands of records.I created a shadow table Emp_tab_audit and added few audit columns
Emp_tab (
Empno NUMBER NOT NULL,
Ename VARCHAR2(10),
Job VARCHAR2(9),
[code]...
I am mostly interested in UPDATES and DELETES but I decided to add INSERTS to have full history for each eomplyee in one table (audit schema) instead of querying two tables all the time (production table and audit table) to see the changes.
I created this AFTER INSERT, UPDATE, DELETE trigger.decided to copy the :NEW values for INSERT and UPDATE and :OLD values for DELETE. attached.
so when insert happens, the first audit row is created in EMP_TAB_AUDIT. update happens, the 2nd new row is created in EMP_TAB_AUDIT.
The problem I am facing is the old records that curently exist. If someone updates an old row I am copying the :NEW values so I won't have a copy of the :OLD values unless I create 2 ROWS (one for the old and one for the new).
Do you think I should copy all the hundreds of thousands of records to the AUDIT tables for this to work.
*******************************************************************
CREATE OR REPLACE TRIGGER TRG_EMP_AUDIT
AFTER INSERT OR DELETE OR UPDATE ON EMP_TAB
FOR EACH ROW DECLARE
v_operation VARCHAR2(10) := NULL;
[code]...
View 22 Replies
View Related
Apr 28, 2011
I have tried to implement RLS policy of oracle.I have two Schema X1 & X1_DBA.
I have created the emp table in X1_DBA create table emp(empid number,ename varchar2(10),deptno number) and inserted some rows into the Table. i have created the below function in X1_DBA schema & Given Select Privilege to X1.
CREATE OR REPLACE FUNCTION no_dept10(
p_schema IN VARCHAR2,
p_object IN VARCHAR2)
RETURN VARCHAR2
[code]...
When i Add the Policy in X1_DBA.schema i am getting the Error as Table does not exist
SQL> BEGIN
2 DBMS_RLS.add_policy
3 (object_schema => 'X1',
4 object_name => 'EMP',
[code]...
ORA-00942: table or view does not exist
ORA-06512: at "SYS.DBMS_RLS", line 20
ORA-06512: at line 2
View 7 Replies
View Related
Oct 6, 2012
how to install wallet in Oracle 11g and chek if it is installed? Extra cost is involved for liscencing ?
Does it ask for any option while installing Oracle Software?
View 1 Replies
View Related
Sep 20, 2012
I have Oracle Advanced Security installed on database:
SQL> set line 400
SQL> select NAME
*2 from DBA_FEATURE_USAGE_STATISTICS*
*3 WHERE name IN ('Advanced Security')*
*4 /*
NAME
------------------------------------------------------
Advanced Security
Advanced Security
I need to uninstall this option, how to uninstall oracle advanced security ?
View 7 Replies
View Related
Apr 6, 2013
Can i get some documents on oracle RAC database encryption.?what are the pros and cons of encryption?Does this comes with oracle Database or something we need to buy from oracle sales persons?
View 2 Replies
View Related
May 5, 2011
Does any technical details on the tables found in Oracle Internet Directory? I've checked eTRM and google etc.. - nothing there apart from very minor snippets. I'd like logical schema drawings (PDF) if possible or even a list of the tables and what they do as like the modules in EBS.
View 3 Replies
View Related
Apr 7, 2010
I want to know whether OAS(oracle advanced security) is enabled in our database or not?
View 9 Replies
View Related
Nov 29, 2010
I understand how to create a database directory object to point to a directory on the server File System. Is there a way to take the next step and create a new directory on the host file system from within Oracle?
View 8 Replies
View Related
Mar 9, 2011
I am using Oracle 11g (11.2.0.1) and I want to audit the specific tables in my schema and send to OS syslog.
For example, I have 3 tables A,B and C. If any user is accessing A and B tables (DMLs,select etc) then I want to audit and send it to OS syslog.
View 1 Replies
View Related
Jul 16, 2013
I successfully created a Oracle Wallet in AIX. The wallet is belong to user "oracle" and permission is 755. I can access it with non-oracle user. Note: the non-oracle user is under the same group as "oracle" id.
But when I try to change the Oracle Waller permission to less than 755, I am not able to access it anymore. The error is "ORA-12578: TNS:wallet open failed".
My question is how can I access the Oracle Wallet without using 755 permission?
View 1 Replies
View Related
Nov 28, 2011
I want to create password file in Oracle 10g, setp to create password file.
View 5 Replies
View Related
Oct 23, 2012
An Oracle user account got locked, how do I check, which program or session was the cause for it? how to fetch this details along with details like timestamp, ip address, program name.
Wanted to know for Oracle 11 version running on Solaris machine.
View 2 Replies
View Related
Apr 28, 2011
I'm checking the possibility to use Active Directory to log on the our Oracle databases. But only for dba's and developers, not application users. We use Oracle 10.2.0.4 (and soon 11g) As OS on the databaseserver we use AIX5L 5.3
Is it possible to implement Active Directory on databases running on AIX ? If it is possible, what must be done to get it to work, software ... etc ?
View 3 Replies
View Related
Jun 7, 2013
Is this the correct forum to ask questions about Oracle CPU's?
I ran the CPU-JUL-2012 on a workstation for version 11.1.0.7, got Return Code 0 and "OPatch Succeeded".
Yet a Retina scan ran after shows no change....?
I've tried reading the availability document, but I have no experience at Oracle patching.
View 4 Replies
View Related
