This text teaches readers the why and how of implementing security plans in an Oracle environment. It proceeds logically through the necessary steps, which include: understanding Oracle's security architecture and implementing a plan; securing and interacting with OS's - Windows NT/2000, UNIX, and Linux; securing the database - with concrete examples; securing the network - with coverage of Web site and Oracle Portal security; and protecting against hackers, auditing and troubleshooting. Supplemental information including a glossary of terms, security risk assessment review, a hands-on tutorial to securing a server, and new security features for Oracle9i is also included.
Book Description
Editorial Reviews
From the Back Cover
Develop and Execute a Fail-Safe Security Plan for Your Oracle System
Opening mission-critical systems to partners and customers over the Internet poses new challenges to traditional measures of enterprise security. Oracle Security Handbook presents tested techniques and proven strategies for securing an Oracle environment -- from the operating system to the database to the network. You'll get step-by-step details on developing a rock-solid security plan and concrete examples of how to implement security using Oracle's built-in tools. The book also explains how to hacker-proof, audit, and troubleshoot your entire system. Officially endorsed by Oracle Corporation, this expert resource even delves into the details of Oracles own security implementations.
- Determine database vulnerability and the necessary steps to protect your system against attacks
- Implement operating-system security measures for UNIX and Microsoft Windows NT/2000
- Integrate authentication of database accounts with operating-system security
- Take advantage of the various password management features available in the Oracle database
- Use and control system and object privileges, roles, and views
- Implement location transparency using database links for server-to-server connections
- Design and implement secure applications using Virtual Private Database (VPD) and Oracle Label Security options
- Ensure data security over a network using the Oracle Advanced Security tool
- Construct a sound firewall to maintain network integrity
- Configure security into an Oracle9i Application Server Portal system
- Hacker-proof your system by anticipating an attacker's methods
About the Author
Marlene Theriault (Vienna, VA) has been an Oracle DBA for more than 18 years and has been published in several magazines and conference proceedings throughout the world. She has authored or co-authored several books including Oracle DBA 101, Oracle8i DBA Handbook, and Oracle8i Networking 101. Aaron Newman (Atlanta, GA) currently manages the development of database security solutions at Internet Security Systems, Inc., the world's leading provider of security management systems. He has developed security software not only for Oracle but also for Sybase, Microsoft SQL Server, Windows NT, and Unix. Newman's software has received awards such as the 1999 Editor's Choice Award from Windows NT Magazine. Prior to working for ISS, Newman was President and founder of DbSecure, the company that pioneered the database security assessment market. He has presented database security talks around the country at various security conferences and local user groups and has authored white papers on database security. Steve Vandivler (McLean, VA) has over seventeen years experience in managing projects and contracts with the U.S. Army, the Department of Defense, and commercially. He is President of the Mid-Atlantic Association of Oracle Professionals in the Washington, DC area and is well known in the Oracle User Group Community.
Product Details
Would you like to update product info or give feedback on images?
|
More About the Authors
Discover books, learn about writers, read author blogs, and more.
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
6 of 7 people found the following review helpful:
5.0 out of 5 stars
Great book, immediately useful,
By William C Loggins (Salt Lake City, Utah United States) - See all my reviews
This review is from: Oracle Security Handbook : Implement a Sound Security Plan in Your Oracle Environment (Paperback)
I used this book to help compose a list of security risks and countermeasure for Oracle databases. I not only found many items for my list, I also increased my knowledge of the Oracle architecture, specifically regarding security. The authors cover how the components work together and with other items in modern enterprises, especially the information technology infrastructure. There's major information on securing the operating system, the database, and networks, plus loads of information about what should go into a security plan, policies, and procedures.
3 of 3 people found the following review helpful:
5.0 out of 5 stars
A must read for any IT professional,
By
This review is from: Oracle Security Handbook : Implement a Sound Security Plan in Your Oracle Environment (Paperback)
Chapter 3 alone makes it worth the price. It makes a great case for having a corporate security policy and gives you a great starting point for creating your own policy. The writing is clear and the examples are useful.
2 of 3 people found the following review helpful:
3.0 out of 5 stars
More Missing Pages,
By
This review is from: Oracle Security Handbook : Implement a Sound Security Plan in Your Oracle Environment (Paperback)
Like a previous reviewer, I also had pages missing from my book. The pages were not torn out, the book was just defectively bound at the factory. Pages 485 thru 532 were missing. I bought the book used and luckily the seller refunded my money. Be careful with this book, there must still be a lot of them with missing pages in warehouses.
Share your thoughts with other customers: Create your own review
|
|
Inside This Book
(learn more)
First Sentence:
The world has become a very small place and information becomes more and more accessible with each new day. Read the first page Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
global database link, oracle software owner, user database link, definer rights procedures, oracle oinstall, httpd configuration file, user evelyn, public database link, close notify alert, httpd file, time sheet application, invoker rights procedures, set role command, change management department, enterprise user security, link qualifier, oracle user account, product user profile, password management features, operating system authentication, authentication adapters, global database name, middle tier handle, standby database, listener service Key Phrases - Capitalized Phrases (CAPs): (learn more)
Oracle Portal, Edit User, Oracle Label Security, Oracle Names, Oracle Advanced Security, Oracle Corporation, Oracle Internet Directory, Connection Manager, Intelligent Agent, Trusted Oracle, Virtual Private Database, Certificate Authority, Denial of Service, Control Panel, Oracle Enterprise Manager, Server Manager, Make Public, Name Null, Oracle Security Handbook, Secure Sockets Layer, United States, User Manager, Common Criteria, Create Group, Oracle Wallet Manager New!
Books on Related Topics | Concordance | Text Stats Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
The world has become a very small place and information becomes more and more accessible with each new day. Read the first page Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
global database link, oracle software owner, user database link, definer rights procedures, oracle oinstall, httpd configuration file, user evelyn, public database link, close notify alert, httpd file, time sheet application, invoker rights procedures, set role command, change management department, enterprise user security, link qualifier, oracle user account, product user profile, password management features, operating system authentication, authentication adapters, global database name, middle tier handle, standby database, listener service Key Phrases - Capitalized Phrases (CAPs): (learn more)
Oracle Portal, Edit User, Oracle Label Security, Oracle Names, Oracle Advanced Security, Oracle Corporation, Oracle Internet Directory, Connection Manager, Intelligent Agent, Trusted Oracle, Virtual Private Database, Certificate Authority, Denial of Service, Control Panel, Oracle Enterprise Manager, Server Manager, Make Public, Name Null, Oracle Security Handbook, Secure Sockets Layer, United States, User Manager, Common Criteria, Create Group, Oracle Wallet Manager New!
Books on Related Topics | Concordance | Text Stats Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
Citations (learn more)
This book cites 4
books:
5
books
cite this book:
- Oracle Security by William Heney in Front Matter (1), and Front Matter (2)
- War Games by Wright Morris on page 6
- Installation Guide by Sun Microsystems Inc. on page 177
- Secrets & Lies: IT-Sicherheit in einer vernetzten Welt (German Edition) by Bruce Schneier on page 533
- Oracle9i Web Development by Brad Brown in Front Matter, page 486, and Back Cover
- Oracle9i DBA 101 by Marlene Theriault in Front Matter, and page 338
- Official (ISC)2 Guide to the CISSP Exam ((ISC)2 Press) by Susan Hansche CISSP on page 323
- Oracle9i Application Server Portal Handbook (Osborne ORACLE Press Series) by Steve Vandivier in Back Matter
- Special OPs: Host and Network Security for Microsoft, Unix, and Oracle by Erik Pace Birkholz on page 725
Books on Related Topics
(learn more)
|
What Other Items Do Customers Buy After Viewing This Item?
Suggested Tags from Similar Products(What's this?)Be the first one to add a relevant tag (keyword that's strongly related to this product).
|
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Related forums
|
