Practical Oracle Security - 1st Edition - ISBN: 9781597491983, 9780080555669

Practical Oracle Security

1st Edition

Your Unauthorized Guide to Relational Database Security

Authors: Josh Shaul Aaron Ingram
eBook ISBN: 9780080555669
Paperback ISBN: 9781597491983
Imprint: Syngress
Published Date: 12th November 2007
Page Count: 288
Sales tax will be calculated at check-out Price includes VAT/GST
In Stock
In Stock
In Stock
Sorry, this product is currently out of stock.
Sorry, we aren’t shipping this product to your region at this time.
59.04
54.95
33.99
42.95
Unavailable
Price includes VAT/GST
51.95
31.99
39.95
Unavailable
Price includes VAT/GST
× DRM-Free

Easy - Download and start reading immediately. There’s no activation process to access eBooks; all eBooks are fully searchable, and enabled for copying, pasting, and printing.

Flexible - Read on multiple operating systems and devices. Easily read eBooks on smart phones, computers, or any eBook readers, including Kindle.

Open - Buy once, receive and download all available eBook formats, including PDF, EPUB, and Mobi (for Kindle).

Institutional Access

Support Center

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.

Description

This is the only practical, hands-on guide available to database administrators to secure their Oracle databases. This book will help the DBA to assess their current level of risk as well as their existing security posture. It will then provide practical, applicable knowledge to appropriately secure the Oracle database.

Key Features

  • The only practical, hands-on guide for securing your Oracle database published by independent experts.
  • Your Oracle database does not exist in a vacuum, so this book shows you how to securely integrate your database into your enterprise.

Readership

Written for database administrators and security professionals responsible for securely deploying Oracle relational databases.

Table of Contents

  • Author Acknowledgments
  • Authors
  • Technical Editor
  • Chapter 1: Oracle Security: The Big Picture
    • Introduction
    • A Brief History of Security Features in Oracle
    • The Regulatory Environment Driving Database Security
    • Major Data Theft Incidents
    • A Step-by-step Approach to Securing Oracle
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 2: File System
    • Introduction
    • Getting to Know Your Files
    • Reviewing Recommended Permissions
    • Managing Change
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 3: TNS Listener Security
    • Introduction
    • Introduction to the TNS Listener
    • Listener Vulnerabilities “By Design”
    • Fixing Listener Vulnerabilities by Applying Oracle Patch Sets and CPUs
    • Securing the Listener Configuration
    • Valid Node Checking
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 4: Managing Default Accounts
    • Introduction
    • The Role of Oracle Default Accounts From 9i to 10 g
    • Lock Accounts and Expire Default Passwords
    • Configure Strong Passwords
    • Unlock Accounts and Configure Impossible Passwords
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 5: PUBLIC Privileges
    • Introduction
    • The PUBLIC Group
    • Default Privileges on Sensitive Functions
    • Privileges You Should Never Grant to PUBLIC
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 6: Software Updates
    • Introduction
    • Understanding Oracle’s Patching Philosophy
    • Examining a CPU
    • Installing a Critical Patch Update
    • Evaluating Security Alerts
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 7: Passwords and Password Controls
    • Introduction
    • Configuring Strong Passwords
    • Password Controls Using Oracle Profiles
    • OS Authentication
    • Automated Scanning for Weak Passwords
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 8: Database Activity Monitoring
    • Introduction
    • Database Intrusion 101
    • Detecting Known Attack Patterns
    • Detecting Suspicious Activity
    • Tracking the Attacker
    • Adhering to Government and Industry Regulations
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 9: Implementation Guide
    • Introduction
    • Getting Started
    • Implementing Basic Security
    • Implementing Best Practices
    • Locking Down Your Database
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Index

Details

No. of pages:
288
Language:
English
Copyright:
© Syngress 2007
Published:
Imprint:
Syngress
eBook ISBN:
9780080555669
Paperback ISBN:
9781597491983

About the Author

Josh Shaul

Josh Shaul got started in the security industry with SafeNet, Inc. in 1997, working on the industry's first complete IPsec accelerator chip. During a five year tenure as a SafeNet developer, Josh spent time designing, developing and enhancing SafeNet's embedded security solutions for a wide range of applications. For the last four years Josh has focused primarily on field engineering, helping companies deploy security SW and HW into various Networking Devices, SoCs, and Processing Platforms. He is an expert on security protocols and standards, trusted computing, and application level security. Recently, Josh has focused primarily on database security, working to assist large organization in developing the proper defense-in-depth strategy to secure sensitive data at its source. Josh is currently responsible for Worldwide Systems Engineering at Application Security, Inc.

Affiliations and Expertise

Director, Worldwide Systems Engineering at Application Security, Oracle Expert, New York, NY

Aaron Ingram

Aaron has fifteen years experience developing enterprise software, focusing on database systems and security applications. After graduating with a Bachelor's degree in computer science from Columbia University, he worked at Accenture as a consultant for Fortune 500 financial and telecommunication companies and for various government agencies. He then worked for ShieldIP creating Digital Rights Protection technology. Most recently, he merged his extensive database background with his security skills to manage the development of Application Security's real-time database intrusion detection and security auditing solution, AppRadar.

Affiliations and Expertise

Security Engineer at Application Security, Oracle and Spyglass Expert, New York, NY

Ratings and Reviews

Request Quote

Tax Exemption

We cannot process tax exempt orders online. If you wish to place a tax exempt order please contact us.