Oracle security expert David Knox explains how to design and develop an integrated, secure Oracle environment. “In my experience in the security world, including 32 years at the Central Intelligence Agency, I’ve not found anyone with more experience in the theory and practice of protecting your data than David Knox.” --Dave Carey, former Executive Director of the CIA
Effective Oracle Database 10g Security by Design
and over one million other books are available for Amazon Kindle.
Learn more
FREE Two-Day Shipping for Students. Learn more |
| |||||||||||||||
 Sell Back Your Copy for $1.58
Whether you buy it used on Amazon for $5.00 or somewhere else, you can sell it back through our Book Trade-In Program at the current price of $1.58.
Used Price$5.00
Trade-in Price$1.58
Price after
Trade-in$3.42 |
Book Description
Special Offers and Product Promotions
- Buy $50 in qualifying physical textbooks, get $5 in Amazon MP3 Credit. Here's how (restrictions apply)
Frequently Bought Together
Editorial Reviews
From the Back Cover
Protect Your Mission-Critical Data with Tips and Tricks from an Oracle Security Insider
Oracle expert David Knox has written the most practical, up-to-date book on Oracle Database 10g security available. With an emphasis on real-world problems and detailed solutions, Effective Oracle Database 10g Security by Design provides all the information you need to develop and deploy secure database applications. The entire security cycle is covered--from identification and authentication to fine-grained access control and encryption to effective auditing techniques. The material is presented with comprehensive yet easy-to-understand examples that show how to use all the security technologies in a complementary way.
- Assess database vulnerabilities and develop effective security policies
- Preserve user identity with in-depth analyses of JDBC connection pools, proxy authentication, and client identifiers
- Manage database users from a central directory without sacrificing security
- Lock down database access using secure application roles
- Leverage application and database security within Oracle’s Identity Management infrastructure
- Validate user privileges by using simple views and scripts
- Protect individual data elements by using the new Oracle DBMS_CRYPTO package
- Exploit database views to provide row-level and column-level fine-grained access controls
- Enforce need-to-know access and data privacy with Virtual Private Database and Oracle Label Security
- Ensure user accountability with Oracle fine-grained Auditing
David Knox is the chief engineer for Oracle’s Information Assurance Center and is one of the premier educators worldwide on Oracle security. While at Oracle he has worked on wide-ranging security programs for various customers including the U.S. Department of Defense, intelligence agencies, financial services companies, and healthcare organizations.
About the Author
David Knox (Chantilly, VA) is the Chief Engineer for Oracle’s Information Assurance Center – Oracle Corporation’s Security Center of Excellence. Mr. Knox joined Oracle Corporation in June 1995. While at Oracle, Mr. Knox has worked on many security programs for the US Department of Defense, various Intelligence Agencies, Healthcare and Financial Services industries. His knowledge in computer security derives not only from working knowledge and experience with Oracle's security products and database security, but also his academic studies in the areas of multilevel security, cryptography, LDAP, and PKI. David earned a bachelor’s degree in Computer Science from the University of Maryland and a master’s degree in Computer Science from Johns Hopkins University.
Product Details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, read author blogs, and more.
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
7 of 7 people found the following review helpful:
5.0 out of 5 stars
Excellent step by step how to guide for Oracle Security,
By
This review is from: Effective Oracle Database 10g Security by Design (Paperback)
Unlike most of Oracle's documentation, which requires you to go through several manuals to accomplish something, this book provides a high to mid level step by step guide for implementing defense in depth and least privilege security for Oracle 10G databases. Granted, this book doesn't go extremely deep to the point of Thomas Kyte's reference manual, but it is an easy read and has specific examples that will help you do basic implementations of Oracle's strongest security capabilities.
I highly recommend this book for anyone interested. You will find useful material, regardless of your expertise level.
6 of 6 people found the following review helpful:
5.0 out of 5 stars
The Bible of Oracle Security,
This review is from: Effective Oracle Database 10g Security by Design (Paperback)
If the solution to your Oracle security problem cannot be found in David Knox's Effective Oracle Security by Design, it cannot be found anywhere. This book is invaluable for anyone needing to understand or implement security in an Oracle 10g or 9i database or middle tier. In addition to clear explanations, there are tested code examples for virtually every task. I would strongly urge anyone concerned with building secure IT systems read this book and take its suggestions. Frankly, I'm not sure how else one could do it.
7 of 8 people found the following review helpful:
5.0 out of 5 stars
Good Enough for the CIA,
By
This review is from: Effective Oracle Database 10g Security by Design (Paperback)
It would be easy to be secure if all the data were in one room, there were no connections to the outside world (well I guess you have to have power coming in, but that's all), and there were no people who knew the data.
Unfortunately that's not the real world. Breaking the German and Japanese codes during World War II would have been meaningless if that information wasn't used to sink the submarines, divert the convoy, or be ready at Midway. The situation hasn't changed, but the integral capabilities of the Oracle database itself have. As security has gotten ever more important, the steps you need to take get every more complex. At the same time, the users of your data can't be expected to agree, they have a job to do and if security systems prevent them from doing their job they will find ways to bypass or ignore the security system. This book can be read on two levels. First it is an excellent primer on security in general. Second it is Oracle centric so that anyone responsible for security on an Oracle based system need go no further. Note that the Foreward is by David Carey, former Executive Director of the Central Intelligence Agency. It is generally believed that a big contract from the CIA was Oracle's first major success. The implication is that the CIA worked with Oracle to develop the security system discussed here. If the CIA says it's good enough....
Share your thoughts with other customers: Create your own review
|
|
Inside This Book
(learn more)
First Sentence:
Securing the database may be the single biggest action an organization can take in proactively defending itself against the myriad of unforeseen hostile intruders. Read the first page Key Phrases - Capitalized Phrases (CAPs): (learn more)
Oracle Label Security, Trusted Oracle, Oracle Policy Manager, Oracle Application Server, Virtual Private Database, Enterprise Security Manager, End of Record, Encryption Time, Oracle Internet Directory, Grained Access Control Policies, Label Security Policies, Data Record Labels, Encrypted Deptno, General Security Best Practices, Indirect Role, Oracle Enterprise Manager, Data Mining, Enterprise Edition Release, Name Null, Production With the Partitioning, Start Value, Custom Database, Department of Defense, End Value, Julius Caesar New!
Books on Related Topics | Concordance | Text Stats Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
Securing the database may be the single biggest action an organization can take in proactively defending itself against the myriad of unforeseen hostile intruders. Read the first page Key Phrases - Capitalized Phrases (CAPs): (learn more)
Oracle Label Security, Trusted Oracle, Oracle Policy Manager, Oracle Application Server, Virtual Private Database, Enterprise Security Manager, End of Record, Encryption Time, Oracle Internet Directory, Grained Access Control Policies, Label Security Policies, Data Record Labels, Encrypted Deptno, General Security Best Practices, Indirect Role, Oracle Enterprise Manager, Data Mining, Enterprise Edition Release, Name Null, Production With the Partitioning, Start Value, Custom Database, Department of Defense, End Value, Julius Caesar New!
Books on Related Topics | Concordance | Text Stats Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
Citations (learn more)
This book cites 8
books:
See all 8 books this book cites
- Expert Oracle: Signature Edition (Expert One-On-One) by Thomas Kyte in Front Matter (1), and Front Matter (2)
- Secrets and Lies: Digital Security in a Networked World by Bruce Schneier on page 202
- Secrets & Lies: IT-Sicherheit in einer vernetzten Welt (German Edition) by Bruce Schneier on page 202
- Hardening Network Infrastructure by Wes Noonan on page 16
- Effective Oracle by Design (Osborne ORACLE Press Series) by Thomas Kyte in Front Matter
See all 8 books this book cites
What Other Items Do Customers Buy After Viewing This Item?
Tags Customers Associate with This Product(What's this?)Click on a tag to find related items, discussions, and people.
|
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Related forums
|
